MANILA, Philippines — Despite GCash’s best efforts to safeguard users’ information, malicious actors are still prevalent and have even invented a new fraud scheme.
Nic Ang, a GCash user, recently shared her experience on Facebook about a new modus that involves the e-wallet and ShopeePay. She said that the scammers were able to take out a loan worth P64,000, which they then transferred to their ShopeePay account. The scam took only 15 minutes.
According to Ang, someone who pretended they were from GCash called her claiming that a particular person is trying to access her GCash account. The caller also said that the phone call is being monitored by the National Bureau of Investigation’s (NBI) anti-cybercrime department. The NBI currently has an office handling cybercrime issues called the Cyber Crime Division.
How scammers operate
The scammer said their team is tracing the person trying to access her GCash account as they spoke. The caller also noted that they were trying to block the transactions being made by the person. The team of scammers sent money request transactions in real time while saying that they canceled the transaction to make it look like they blocked the alleged malicious transaction.
Once they gained Ang’s trust, they told her that they needed her one-time pin (OTP) to freeze the GCash user’s account. When the scammers got Ang’s MPIN, they were able to make a P64,000 loan, which they later topped up to their Shopee account.
Ang was told not to log in on GCash because they are trying to freeze all activities for an “NBI investigation.”
The victim was also asked if she was willing to testify in court against a fraudster and asked her to write down the reference number for the recent call.
In her Facebook post, Ang said that the scammers are trained individuals, sharing that she could hear other agents in the background as if they were “a call center of fraudsters.”
Ways to avoid falling victim to scams
1. Be skeptical
Any person who is told that their e-wallet is being hacked will be concerned and could easily trust the one they heard the news from. However, it is best to be skeptical. This would include verifying the information and credentials of the caller.
2. Verify the credentials of the caller
To verify the legitimacy of the call and the information of the caller, ask for their name, the office they belong to, the purpose of the call, the claim, and, most importantly, proof for these pieces of information.
3. Never share your OTP and MPIN with anyone
There is a reason they are called an MPIN and an OTP. They are not meant to be shared. Banks and e-wallet services usually remind their clients that they do not ask for OTPs and MPINs. Once an unknown caller asks for these, it should already alarm you of a possible fraud.
The reason OTPs are called a one-time password is so that nobody else can use it except its owner. Sharing OTPs would defeat the purpose of OTPs.
4. Ask GCash Customer Service directly
Lots of scammers now are imitating organizations, pretending they are from legitimate offices. Authorities will not take action on alleged illegitimate access into a financial technology account unless it has been reported to them. If you notice any untoward transaction, it is best to go directly to the e-wallet service provider.
If scammed, take note of all information you can get and file a complaint or case. In the case of Ang, she traced all transactions made through ShopeePay, GCash, and Dragonpay.
To do this, take note of the phone number of the caller, the information they gave such as names and the alleged office they belong to, and the reference numbers of the loan and transactions made, including the dates and time.
Take a screenshot of every transaction or relevant information. These can be used when you file a formal complaint to GCash and possibly even to a government agency like the NBI and the National Privacy Commission.
Scammers are everywhere, and many of them are well-trained. It is advised to be wary, alert and skeptical, especially when it comes to your own money.