According to Justine Qui, she received a text message from the OFFICIAL BPI-OTP number telling her to expect a call from the said bank. And here's what happened next:
Last Friday, August 7, I received a text message from the OFFICIAL BPI-OTP number telling me to expect a call. The message said their agent with the number 09162083912 would call regarding my account. Sure, a little strange, but this was the official BPI-OTP number that has been sending me all my previous OTPs for all my online transactions. Past experience told me this number only sent automated messages, so this must’ve been an official call from BPI, right?
Photo from FB |
The following day, at 5:23pm, I received a call from the number indicated in the BPI-OTP message. It made sense, so I answered. The “representative” on the phone told me that BPI was testing out a new system and needed customer confirmation that their messages were being sent and received in real time. I was told to read two (2) sample messages out loud, which I would realize were activation keys that allowed the scammers to access my BPI online account.
Later that night, I had a trail of emails about multiple funds transfers I was completely unaware of. Once the so-called BPI agents had gained access to my account, they transferred my money to a PayMaya account. It was too late by then, and all the money I had saved this year was gone. Well, they left me Php 200.
I immediately contacted the BPI customer support hotline to ask for help. I forwarded a screenshot of the BPI-OTP message I received from THEIR number. You know, the number we’ve been conditioned to trust because that’s where all our OTPs come from.
Supposedly the last line of defense, this BPI-OTP number had been used to help people steal my money. I told the support personnel what happened, and all they could offer was to report the issue. They said they couldn’t do anything about the money stolen from me with the help of their own security number. Nothing. Nada. Just me, a “reported issue,” and my annual savings of Php 200.
Photo from FB |
Aside from the obvious issue of losing all my money, what concerns me the most is that the BPI-OTP number - an official number that I am supposed to trust for all my banking transfer passwords - is compromised. We're constantly reminded to keep our presence of mind and never share bank details with anyone, but you would think you’d at least be safe when it’s the bank you trusted with the entirety of your savings telling you to expect a call. Isn’t banking built on trust, after all?
It’s easy to say you’re careful, but when you’re in the moment and your faith in your chosen bank has been taken advantage of, you can just as easily be left broke. Currently, I'm still exhausting all possible options to get back the money that was taken from me.
Qui then warned her fellow account holders of the scam and reminded them to refrain from sharing their account information to anyone.
"Please learn from what happened to me and be very vigilant about your online accounts, especially now that we’re in quarantine and are constantly transferring money through our phones. Trust your instincts, and be extremely careful when sharing your bank information, even with your bank," she ended.
Source: 1