Cybersecurity

PH privacy commission warns of online fraudsters exploiting COVID-19 pandemic

As if the COVID-19 pandemic is not enough to cause anxiety and distress, fraudsters are taking advantage of the situation by sending phishing emails and installing malware. Now that many are working from home and people are online most of the time, cybercriminals are taking a cue on the traffic to target unsuspecting victims.

The National Privacy Commission (NPC) warns online users to be more discerning of the messages, whether through email or messaging apps.

“The National Privacy Commission is appealing to everybody to be very careful online, especially when using online financial services and accessing health-related apps,” the NPC said in a media release. “Be cautious with the sites you visit, enhance your privacy settings, and protect your personal data.”

Have you read “PH privacy commission reminds gov’t of COVID-19 patients’ privacy”?


The NPC encourages everyone to practice the following tips to protect personal data in the time of COVID-19:

Do not give out your personal data in suspicious COVID-themed emails and messages.

Is the email or message unsolicited? Does it urgently encourage you to open the attached file? Is it promising COVID vaccines or cure that you have not heard of at all in the news or credible websites? Do not click them. It is most likely a phishing attack that steals your financial data such as credit card or online banking details.

Make trusted government and other legitimate websites your go-to source for the latest COVID information.

We have a lot of questions about the pandemic. We will not find these answers, however, on some random websites or applications. What we may find on these sites instead are suspicious links, pop-ups, and downloadable files, resulting in a ransomware infection that locks us out of our devices. Not only do you protect yourself from ransomware by relying on trusted sources, but you also get to avoid misinformation.

Ensure that the charity or crowdfunding campaign you plan to donate to is legitimate.

Research online or through your social media contacts from whom you learned of the charity or crowdfunding campaign. Know where your donations will go. Think twice if the charity rushes or pressures you or makes unrealistic promises just to get you to donate. If you’ve decided to make the donation, be sure to check your bank statements and see if you’ve been charged the right amount.

Be mindful of phishing baits from online scammers.

Scammers want you to click on a link or give your password, account number and other personal information. This way they can steal your identity, money and gain access to your computer or cellphone. To do this, they use familiar company names or pretend like someone you know. They pressure you to act now or else.

When you receive such messages, be skeptical. Look up the website or phone number for the company or person contacting you. Call them directly using the company’s official number or email. Never give any personal information especially your password and pin number.

Most phishing attempts to use bad grammar and spelling. There are some, however, that look legitimate and very convincing.

During this critical period, all our focus and efforts should go to the fight against the spread of the COVID-19 virus. We should avoid, at all costs, getting sidetracked by these digital pitfalls.

Internet users who suspect that their personal data have been compromised can contact NPC’s complaints and investigation team through complaints@privacy.gov.ph and info@privacy.gov.ph.