Ayala-led Bank of the Philippine Islands (BPI) has renewed its call for financial consumers’ more vigilance against cyber-related crimes by meticulously adopting cyber hygiene this year.

“Cybersecurity is a shared responsibility between banks and clients. To keep your personal information—especially credit cards and deposit accounts—safe, it is crucial to commit to the practice of cyber hygiene, as this will ensure online security to keep your files and data safe from cyber criminals,” said Jonathan John Paz, BPI Enterprise Information Security Officer and Data Protection Officer, in a statement.

BPI’s push for encouraging Filipinos to be more alert online by adopting a security-centric mindset in 2024 stemmed from the Bangko Sentral ng Pilipinas’ (BSP) cybersecurity awareness drive or the promotion of cyber hygiene practices which was started in 2020, at the height of the pandemic.

The cyber hygiene habit are practices and steps that users of digital devices and financial services take to ensure online security.

Citing the Anti-Cybercrime Group (ACG) of the Philippine National Police, BPI said that last year, more than half of cybercrimes documented were online scams. Based on their data, 19,884 cybercrimes were recorded from Jan. 1 to Dec. 7, 2023, of which 11,071 cases or 55.67 percent represented online scams.

To avoid scams and other cybercrimes, BPI urges the public to follow these practices: clean up file folders and email inbox, delete all documents, media files, and messages no longer needed and keep them organized; check the web browser extensions that have been unintentionally enabled and assess if they are important and best to uninstall if not; and delete all applications that are unused since these apps still consume energy and can also extract information.

BPI also advises to “clear your cache regularly to delete the personal information stored in the websites you’ve visited (e.g., when answering forms)” and to “deactivate user accounts which you no longer use. This minimizes your digital footprint and lessens the likelihood of data leakage.”

Paz noted that “no matter what day or month, always remember that cybersecurity is a practice that shouldn’t be ‘seasonal’ or when we just ‘remember’ to be vigilant. It should always be practiced, a shared responsibility, a given.”

In the three years of the pandemic, the BSP said issues and concerns about internet banking, mobile banking and e-money were top concerns as reported through their Consumer Assistance Management System. The issues mainly evolve around fund transfers, crediting funds to recipient accounts, and unauthorized transactions.

Digital literacy is crucial under the BSP’s digital transformation roadmap as they shift more retail payment transactions to digital this year.  

Meanwhile, the BSP is strictly enforcing cyber security rules for all its supervised financial institutions or BSFIs.

This is why the central bank always remind BSFIs about strictly implementing multi-factor authentication (MFA) for online transactions.

MFA requires users to verify their identity through several methods before proceeding with a transaction. MFA includes one-time PINs or OTPs, biometric authentications, and mobile banking PINs or MPIN.

Authentications are sent through SMS, e-mail, or phone call. Enabled notifications will promptly alert the individual if a transaction was completed.

The BSP continuously reminds the public that e-safety is everyone’s responsibility. Part of this information drive is to issue regular public advisories to update device operating systems and to report immediately any suspicious or unusual activities to their banks or digital non-bank service providers.