Follow us for updates
© 2021 reportr.world
Read the Story →

Who Gets Reimbursed After BDO Hacking? Central Bank Explains

It depends if the client is 'innocent' or 'negligent'.
by Pia Regalado
3 hours ago
Photo/s: Jerome Ascaño
Shares

The reimbursement process for BDO clients who  lost money to hackers will depend on whether they "voluntarily" gave away personal details that enabled fraudsters to access their accounts, the central bank said Tuesday.

While "innocent" customers lost their money without clicking on suspicious links or giving away their one-time password or OTP, there could be some who got tricked into giving the sensitive data away via phishing scams, said Mhel Plabasan, director of BSP Technology Risk and Supervision Department.

Plabasan said fraudsters likely took advantage of BDO's 10-year-old web service, which was due for replacement by 2022. This web service is used for mobile applications, which could be why only those with BDO mobile or internet banking accounts were affected.

"There are also phishing victims who voluntarily provided credentials, who gave away their OTP to fake customer service... That's why BDO and BSP are conducting several investigations to identify who are the innocent victims in this particular incident," he said.

Continue reading below ↓

"The bank usually does not restitute clients who are called negligent," he said.

NEWS YOU CAN USE:

Getting Too Many Spam Texts? We Asked Globe, Smart for Help

How to Turn On Two-Factor Authentication, Avoid Getting Hacked 

While banks have the responsibility to protect their clients, depositors should anlso do their part in protecting their accounts, Plabasan said.

Continue reading below ↓
Recommended Videos

"The downside really of us going digital, hackers or fraudsters have also become very creative that's why vigilance is required for the consumers and the banks should always be poroactive when it comes to adapting robust security measures."

Bangko Sentral Governor Benjamin Diokno gave the task force formed to investigate the hacking 30 days to finish its work, Plabasan said.

"We have to make sure all vulnerabilities on the part of BDO, receiving bank, or Instapay will be resolved or will be remediated," he said.

Based on preliminary investigation, Plabasan said there are real people behind "Mark Nagoyo", the beneficiary of the "donations" where victims supposedly sent their money to.

Continue reading below ↓

"We will ensure the person behind Mark Nagoyo and the accomplices will be dealt with to the fullest extent of the law," he said.

ALSO READ:

How Spam Texts are Used to Steal Your Data 

EXPLAINER: How Spam Texts are Used to Steal Your Data

Reportr is now on Quento. Download the app or visit the Quento website for more articles and videos from Reportr and your favorite websites.

Latest Headlines
Read Next
Recent News
Tsunami waves are possible within 1,000 km of the epicenter.
Comelec requires verified accounts for accountability.
The news. So what? Subscribe to the newsletter that explains what the news means for you.
The email address you entered is invalid.
Thank you for signing up to On Three, reportr's weekly newsletter delivered to your mailbox three times a week. Only the latest, most useful and most insightful reads.
By signing up to reportr.world newsletter, you agree to our Terms of Service and Privacy Policy.