5 Common Banking Scams Filipinos Should Watch Out For

The Bangko Sentral ng Pilipinas (BSP) recently directed banks and other BSP-supervised financial institutions (BSFI) to implement a zero-trust cybersecurity system to ensure maximum protection of data and online financial transactions.

This cybersecurity directive comes in response to the surge in incidences of banking scams as more and more Filipinos turn to digital transactions in light of the COVID-19 pandemic.

If you plan to sign up with Robinsons Bank or any other bank, you should learn about the different banking scams so that you can protect yourself. Banks may adopt stringent measures to safeguard consumers and prevent fraud, but they can only do so much. At the end of the day, you need to be proactive and to be alert so you will not end up as a victim.

Nobody knows exactly how many types of banking scams are out there. Nonetheless, you can learn a thing or two on how scammers operate if you know how some of the more popular schemes are carried out. Read on to learn about the most common ruses that you should watch out for and what you can do to avoid them.


Phishing has been around for many years, but the scam has become even more widespread due to the lockdown restrictions brought by the pandemic. The Cybercrime Division of the National Bureau of Investigation reported that phishing scam incidents increased by 200% since the start of the enhanced community quarantine in March. Because of this rapid rise, phishing is now the leading cybercrime being committed in the country today.

The term phishing was initially coined by hackers who stole America Online accounts and passwords in the mid-1990s. Similar to anglers who fish using a rod and line, these internet scammers used e-mail lures to “fish” for passwords and financial information from a “sea” of web users.

You probably heard of people who received emails supposedly from banks or businesses asking them to divulge certain information, such as credit or debit account numbers, bank account information, and passwords. That is a phishing scam. While this type of scheme used to be readily detectable because of the poorly constructed emails and the obviously bogus look of the fake websites, scammers have become more sophisticated over the years.

They create fake websites that look strikingly similar to genuine banking facilities. They even use convincing banking terminologies to lure unsuspecting victims to fill out forms with sensitive details that they can use for illegal activities and account takeover.

Phishing scams will most likely continue for years to come. While you may not have any control over the scammers, you can take note of the following pointers to avoid falling prey to phishing schemes:

  • Install anti-virus software, spyware filters, email filters, and firewall programs to serve as additional buffers between you and outside intruders.
  • Make sure that the website you are using is secure by looking for “https://” at the beginning of the internet address and the padlock icon on the left of the web address.
  • Never reply to any email that requests your personal and financial information. Take note that banks will never ask for such details through email.
  • Use strong passwords and keep them private.
  • Avoid posting too much information about yourself and uploading pictures of your passport, I.D., and other sensitive documents on social networking platforms.
  • Do not open files, download programs, and click on links sent by people you do not know.


Vishing is essentially a phishing scam, but instead of using emails or text messages, scammers use phone calls to sway people to disclose their personal and financial information. The scammer calls the potential victim using a speech synthesizer to inform them that suspicious activities are going on in their credit card, savings, or mortgage accounts. Afterward, the person is told to contact a telephone number and to provide needed information to “verify identity” or to “ensure that fraud does not occur.”

Note that fraudsters usually resort to caller ID spoofing to make the victims believe that they are legitimate banking institutions or government agencies. Unlike ordinary phishing that practically cost nothing because they only use emails or SMS, vishing schemes are often outsourced from other countries.

Vishing scams are usually underreported since many victims do not realize that they have been scammed. Protect yourself from this ruse by following these tips:

  • Do not trust any caller asking for sensitive information since caller IDs can be easily spoofed.
  • Verify the phone number of the calling party by calling them back using a different phone.
  • Never share your personal and financial information over the phone.
  • Do not call the number given by the unidentified caller. Get in touch with your bank directly using valid phone numbers to verify the truthfulness of the unsolicited message.
  • Block automated calls.

SIM Swapping or “Palit SIM”

Another scam that is rising in popularity is the SIM swapping or “palit SIM” ruse that uses SIM cards to deceive people and steal their money. This scheme is carefully planned out as scammers meticulously gather the victims’ personal information, such as birth date and mother’s maiden name, through phishing or internet posts.

The swindlers pretend to be telecommunications agents offering upgraded network connection to unsuspecting victims in exchange for SIM cards. They use the information they gathered to sound convincing and credible over the phone. After winning the victims’ trust, the scammers will fool them into giving their One-Time PIN (OTP) or SIM card.

When scammers have their victims’ mobile number and personal details, they can readily bypass the financial institutions’ Multi-Factor Authentication (MFA), which requires digital users to provide two or more verification factors to access their accounts. Once logged in, the fraudsters can easily transfer their victim’s money to their own bank accounts.

Besides cleaning out your financial accounts, scammers can also take over your social media accounts, delete your data, and remove your email once they hijack your mobile number. For your protection, banking experts recommend the following:

  • Avoid posting your full name, address, or mobile number online, especially on your social media accounts.
  • Keep your social media accounts in private mode.
  • Never respond to emails, text messages, or phone calls that ask for personal information.


Smurfing is another ploy that became more common due to the surge in digital transactions, particularly fundraising activities for medical frontliners and poor families, during the COVID-19 pandemic. This scam is used primarily to move dirty money and steal the victims’ sensitive information, such as credit card details, personal identification numbers, and passwords.

This scheme mainly involves people renting out their bank accounts for a fee. Swindlers lure account holders by offering easy cash (about P2,000/day) in exchange for the use of the victims’ bank accounts for money transfers. The usual targets for this type of scam include overseas Filipino workers (OFWs) since they regularly remit funds to their loved ones in the country and will not raise suspicion when they make money transfers.

Scammers also prey on college students at Manila’s University Belt as they regularly receive allowances from their parents through their bank accounts and are commonly on the lookout for easy ways to make money. Compared to other banking scams, smurfing is probably the most enticing, considering that the victim is offered compensation.

It is important to note, however, that aside from possible identity theft, individuals who willingly participate in this scam can be persecuted under the Anti-Money Laundering Act, which can result in imprisonment and a penalty of up to three million pesos. Avoid getting involved in this scheme by considering the tips below:

  • Never divulge your bank information with other people, particularly the OTP sent to you as a measure to protect your online transactions.
  • Do not trust anybody asking for your sensitive details even if the person sounds like a legitimate bank employee. Get in touch with your bank representative if you receive such calls or emails to verify their authenticity.
  • Be suspicious of job offers that promise easy money and only involve online transactions.

ATM Skimming

Also referred to as card skimming, ATM skimming is a scam that involves the unlawful copying of personal data from the magnetic strip on the back of an ATM card or credit card. This scheme is carried out using skimming devices that are carefully placed over the card swipe mechanisms of ATMs and handheld devices used to skim your credit card during transactions.

Scammers use this ruse to steal your personal information so that they can access your accounts. Apart from taking money from your ATM account or making fraudulent charges using a counterfeit credit card, scammers can also use your data to borrow money or secure loans using your name.

Card skimming scams affect millions of people worldwide. Do not let yourself become a victim of this fraudulent banking scheme by following the recommendations below:

  • Check the automated teller machine for anything suspicious before using it. If you suspect that the machine has been tampered with, report it to the bank immediately.
  • Do not share your personal identity number (PIN) with other people or keep a written copy of your pin together with the card.
  • Review your bank account and credit card statements as soon as you get them so that you can readily report irregular transactions to your bank.
  • Never allow the cashier or assistant to swipe your card out of sight or in a second machine if you are in a restaurant or retail shop.

Scammers are continuously improving their schemes and adopting new approaches to deceive more people. While they cannot all be stopped anytime soon, you can make it harder for them to succeed. Consider the discussion points above so that you can learn their patterns and make sure to never share your personal information and banking details with anyone.