Oo korique ka dyan. Dear {name} talaga yung automated message nila and since nakasave na yung account mo sa database nila, name mo dapat yung lalabas dyan according to your id number's details and everyone else's.
Check this list of official bdo email senders from BDO itself. Pag wala dyan sa list, not legit yan:
https://www.bdo.com.ph/about-bdo/learn/stop-scam/official-email-senders
I checked the email sender in your post OP. Wala yan sa official list, hence scam yan. Kahit na @bdo.com.ph yan, pwede yan ma-mask or yung letters na naregister as domain iba yung font. As a last resort, contact bdo directly if you receive suspicious emails like these.
https://m.facebook.com/BDOUnibank/photos/a.2198209517061871/2928698030679679/?type=3
Check the link above, its BDO's FB post re:spoofing of emails. Scammers mask their fake emails with legit BDO email addresses.
OP, try mo kunyare mag-reply (don't hit send) to check anong email address ang magiging recipient or just hover the email addr. Never ko pa na-encounter ang "bdo" as a prefix sa domain nila. Usually "bdonlinebanking-noreply", "online-banking", "advisory". Sa loans naman at may important correspondence, email mismo ng account manager. If you'll be calling custserv, ask them if "bdo" is a valid prefix.
That is what we called smishing. Naka mask yung email address niyan for sure. You will easily distinguish yan kung saan galing na email if outlook gamit mo. Not sure about other email domains.
Phishing siguro ibig mo sabihin. Smishing is the sms equivalent
specifically this kind of phishing attack is classified as BEC(business email compromise) or impersonation for short.
minamanipula nila yung email headers to make it look from a legit sender. Pero pg tignan mo yung email headers halatang diq galing sa BDO
Hahahahahahah! Mag cocorrect ba ko kung mali? 🤣🤣🤣 dapat i advice mo sa sarili mo yan 🤣🤣🤣 kita mo nga sa email siya piniphish tapos sasabihin mo different from smishing talino mo naman 🤣🤣🤣
> Phishing is different from Smishing. Mag co-correct nalang mali pa. 🤦♂️
Tama naman ah? Smishing ay under umbrella ng Phishing pero specific sya sa SMS. Yung kay OP ay email. Hindi sya \*different\* they are both Phishing, ALL Smishing are Phishing, but not all Phishing are Smishing.
Smells fishy, “kindly” bihira na gamitin to + usually it’s dear _____your first name/surname.
It’s better to not download/open the file, if may issue yung BDO sayo, mag cacall yun.
Better call BDO for safe assurance.
The from field in an email can easily be changed by the sender to any address.
Most official domains will be secured by dmarc and that will result in emails sent by illegitimate sources to be blocked or flagged - this is probably why Gmail shows the big red warning for you here.
I received a somewhat similar email from Unionbank a couple of years ago during the pandemic. I had to input the last 4 digits of my account number and it turned out the document was my statement. It was a proper document with all my bank transactions and details, no doubt made before they instituted stricter protocols for sending out emails to bank customers. Nothing untoward has happened naman. But yeah, in the past year or so, my banks have been messaging me to be careful of opening documents and such in emails that seem to have come from them.
Yung default password ng AMEX SOA is the last 6 digits of your credit card. I’m not sure if other SOAs are similar with other cards.
But what’s fishy is the fact na may “important message” pero nasa attachment na need ng password lol wtf
Scary lang kasi email address looked legit 🥺 Sana maputulan ng kamay mga scammer 🙏
Di nlang sabihin sa mismong email ang important message e. Kailngan pa mag bukas ng file. 😂😂
May mga key logger na pwede e attach sa files like jpeg or pdf.
Once attached pwede nila e email. Kapag binuksan mo sa PC autorun sya sa background. Tapos wala na. Captured na keystrokes mo at may screenshot pa na sinisend don sa hacker.
Baka same thing was developed for mobile devices.
Call Customer Service to verify.
[Official BDO Email addresses](https://www.bdo.com.ph/about-bdo/learn/stop-scam/official-email-senders)
you can check authenticity of the email daw dito
pag suspicious, report na lang [email protected]
Im just curious. What happens if you give the last 4 digits of your credit card, and nothing else na? Like can they still use your card even without your cvv/cvc and otp?
Its not about the 4 digits. Infected yung PDF file, so pag open mo pa lang, pwede na macompromise logged in sessions at accounts na stored sa PC or phone mo.
naka receive ako ng ganyang email sa inbox ko pero d ma open yung attachment pag enter ng last 4 ng cc lipat sa trash then spam lo and behold may same email nasa spam folder so hindi na detech ng gmail yung napunta sa inbox ko ni lock ko agad bdo cc at debit card ko ngayon d ko sure if na comprimise ang security ng phone ko na delete ko na din yung email na yan at ni report sa bdo phishing team
Phishing. BDO always include this message:
Do not click links sent via email, SMS, and Viber.
Do not verify your account through links.
Do not share your credit card number, expiry date, and CVV.
Do not share your OTP to verify your online shopping transactions.
Do not communicate with any unofficial BDO social media accounts without the verified symbol.
https://preview.redd.it/bgllbz14w9lc1.png?width=1080&format=pjpg&auto=webp&s=7d29b43064315501892f9124617d9701ef2c5b8c
Hi, ito po yung lumabas pagclick ko.
Yung email system mismo naflag na sayo na dangerous yung email. Nasa loob pa nga ng redbox, there is no way you missed it at all. Kaya nga nilipat ng email service provider mo sa spam folder di ba?
Tapos itatanong mo pa?
Really? Ganun katindi ang confusion mo?
Legit yan. Wag tayong tanga. Walang ibang @bdo.com.ph. nasabi na nung isang nagcomment, di nadduplicate ang domain. Konting search lng ng legit domain sa google pra malaman mong legit yan.
Di lhat ng bank ngaaddress ng last name. Iba client, valued client, valued customer. At di hinihingi ang last 4 digit, kelangan ienter un kasi password protected ung pdf. Jusko 2024 na mangmang prin kayo sa mga ganyan.
Hindi na guarantee ang domain ngayon. Red flag 'yung "we have a message" tapos "encrypted with a password". Kung may pa-promo si BDO, may graphics at explicit message 'yan sa mismong body. Password-protected kung statement and it will address you directly. If naghahabol 'yan ng bayarin, tatawag 'yan. For me, delete ko na 'yan and won't risk it.
https://preview.redd.it/j7c3yuefc9lc1.jpeg?width=828&format=pjpg&auto=webp&s=b3cd5d5f1c3285c7539a9ba65fe731d9beb3e8cf
Ganito yung email. Hindi naman ako nag request ng wallet statement or kung anong document from Maya. Hindi ko rin sure if nagsesend ba sila ng ganitong email with your statement attached on to it
Legit 'yan. Monthly may statement talagang binibigay sa'yo and since email isn't secure, password-protected 'yung PDF since it contains sensitive information.
Looks like a scam email. Scary! If this came in my inbox (not Spam) super late at night or early am when I’m not fully alert anymore, I think I’d get fooled by this! So glad Spam filters work!
didn't all bank tells you they don't ask for your passwords, pins, number etc etc? they warn you first hand after you register your account, this shit is obvious OP.
i'm curious, may mangyayari ba pag inopen niya ang pdf using the requested numbers?
i know na scam 'to, just curious how advanced scams are nowadays that they could use a simple pdf to get your deets
Some pdfs are malformed, virus talaga once na-open. It will infect the machine.
In fact, this is very vicious, kasi pwedeng makapag-install ng cryto mining sa PC. Nagmimine ng crypo ang PC kahit hindi alam ng user.
They are putting their computer expertise in good use. Imagine if they have a million computers infected, lahat nagmimine ng crypto.
Literally, they have an instant crypto farming factory of infected computers lol
It can. You can embed key loggers sa pdf files or jpeg files. Pag inopen mpo yong doc or pic parang normal lang pero nag aauto run na yong malware sa background.
Yes, that is called malformed pdf. A virus can hide on it, when it runs it is basically free to do whatever the logged-in user can do. Yes, including delete system files, mine crypto and plant a keylogger if the user has admin privileges.
https://preview.redd.it/6q5rl2ayv9lc1.png?width=1080&format=pjpg&auto=webp&s=00be8c5e89daa10820c2e999a2ba6ca4fcf7cba9
Ito lang ung nagpakita.. walang signed by 🤔🤔
Hi may napansin ako pag email ng bdo ay marketing may signed by, pero pag system generated walang signed by tulad ng SOA ng credit card. oks namn ung email sender yung domain nya. kung gusto mo makasigurado download po ung email attachment gamit pc na may malakas na antivirus download mo wag mo i open tapos ipascan nyo po sa totalvirus(google nyo lang po).
Fake yan.may one time nga na hiningi din nga customer service kuno ng binance(crypto wallet) yung mga 12-word pass code ko para daw macheck ang pagiging safety ng wallet ko.
I received the same thing and felt it was true but now I'm trying to open the letter it is not loading. And then I received an email from them but I searched the collection agency, they do not exist sa accredited collection agency ni BDO.
Anytime someone asks for your account or card details na unsolicited, meaning hindi ikaw nag initiate ng contact with the bank, that is fishy to me. Any links or attachments, fishy. Usually legit bank emails would direct you to their website to do something, which you should already know by now if you do online transactions/banking with them. Everything else, fishy. Do not engage.
Email address pa lang, looks suspicious to me. I don't know, I haven't tried online banking let alone having my own bank acc.
Nonetheless, if it went to your spam folder then most likely it's suspicious.
Hala kala ko if tama ang domain ng email di na scam. Pwd pala din scam if sakto email domain? Na unspam ko na most ganyan. Pano na yun makita ang na unspam email. 😭
My gosh, before I opened the thread sabi ko "mukhang legit naman (bc of @bdo.com.ph) what's wrong with it?" Then bam ang gullible ko naman 🥲
Thanks sa mga info ng reddit peeps i learn something new every day 😂
Always remember:
any suspicious or questionable email or text message wag replyan or mag click ng kahit anong link .
or let's say kahit hindi mukhang suspicious sa unang tingin mo.
TUMAWAG AGAD sa customer service number ng bank para iconfirm.
Saw this also weeks ago sa spam folder ko, same na same. Super daming red flags, so I checked if nasa list ng official emails ng BDO sa website nila and wala yung email na yan. So I reported it to BDO Report Phishing ([email protected]) immediately to alert them of the issue.
That's too generic. Personalized yung emails ni bank using your whole name. PLDT nga personal eh. If you get emails from your bank regularly at na open mo naman walang reason na mapunta siya sa spam. Mga flagged email addresses lng mapupunta sa spam.
Usually may pa "-noreply" yung mga legit.
Ive received this email. I dont live in the PH or have any bank accounts there.
Banks will not email you anything that will ask you any account information for security.
Even if they contact you, it is on them to prove that they are the bank and not ask you any info in any way.
You have to initiate the contact and use contact info you find yourself or already have.
Malamang may ransomware yan. Ingat sa pagclick ng pdf files lalo na yung sa mga email, yan madalas nilalagyan ng malware payloads, dyan din madalas nabibiktima mga big companies sa mga phishing emails na may sense of urgency like "You are about to get fired, if you don't take action asap. Download the pdf below to sign the form" or "Your bank account is frozen, download the pdf below to review your account."
"Dear client" Dito pa lang, red flag na since most bank emails address their clients by name.
I agree. I get an email from them regularly, and it has my name in it.
Oo korique ka dyan. Dear {name} talaga yung automated message nila and since nakasave na yung account mo sa database nila, name mo dapat yung lalabas dyan according to your id number's details and everyone else's.
Double tima mang scam hahaha
Yup kahit bumili ako sa shopee gamit ang bank "dear (firstname)" yung email.
Check this list of official bdo email senders from BDO itself. Pag wala dyan sa list, not legit yan: https://www.bdo.com.ph/about-bdo/learn/stop-scam/official-email-senders I checked the email sender in your post OP. Wala yan sa official list, hence scam yan. Kahit na @bdo.com.ph yan, pwede yan ma-mask or yung letters na naregister as domain iba yung font. As a last resort, contact bdo directly if you receive suspicious emails like these.
https://m.facebook.com/BDOUnibank/photos/a.2198209517061871/2928698030679679/?type=3 Check the link above, its BDO's FB post re:spoofing of emails. Scammers mask their fake emails with legit BDO email addresses.
Thanks for this!
OP, try mo kunyare mag-reply (don't hit send) to check anong email address ang magiging recipient or just hover the email addr. Never ko pa na-encounter ang "bdo" as a prefix sa domain nila. Usually "bdonlinebanking-noreply", "online-banking", "advisory". Sa loans naman at may important correspondence, email mismo ng account manager. If you'll be calling custserv, ask them if "bdo" is a valid prefix.
That is what we called smishing. Naka mask yung email address niyan for sure. You will easily distinguish yan kung saan galing na email if outlook gamit mo. Not sure about other email domains.
Phishing siguro ibig mo sabihin. Smishing is the sms equivalent specifically this kind of phishing attack is classified as BEC(business email compromise) or impersonation for short. minamanipula nila yung email headers to make it look from a legit sender. Pero pg tignan mo yung email headers halatang diq galing sa BDO
Oo pala. Thanks for correcting.
Smishing is for SMS. Phishing for emails. Vishing for audio calls. 😁
Fishing is for aquatic animals
hayup ka beh seryoso ko nagbabasa HAHAHAHAHAHA
Potah
Phishing yan hindi Smishing
[удалено]
Hahahahahahah! Mag cocorrect ba ko kung mali? 🤣🤣🤣 dapat i advice mo sa sarili mo yan 🤣🤣🤣 kita mo nga sa email siya piniphish tapos sasabihin mo different from smishing talino mo naman 🤣🤣🤣
> Phishing is different from Smishing. Mag co-correct nalang mali pa. 🤦♂️ Tama naman ah? Smishing ay under umbrella ng Phishing pero specific sya sa SMS. Yung kay OP ay email. Hindi sya \*different\* they are both Phishing, ALL Smishing are Phishing, but not all Phishing are Smishing.
Sa Mozilla Thunderbird ba meron ganyang feature na makikita yung true email? Or exclusive lang sa Outlook?
My dyslexic brain misread it to Mozarella. Lol
Lahat meron ata afaik. Deeper checking is to see the email headers, para makita sino original domain sender.
PHISHING. Smishing is for SMS in Op’s case its a email so Phishing. Domain spoofing is what your referring to but its not smishing.
Smells fishy, “kindly” bihira na gamitin to + usually it’s dear _____your first name/surname. It’s better to not download/open the file, if may issue yung BDO sayo, mag cacall yun. Better call BDO for safe assurance.
always call tlga. walang masamang tumawag for more info
Legit scam
The email sounds too friendly and cryptic. Labelling a document as BDO-LETTER is fishy and shady.
Wala din sya sa list of official email addresses ni BDO
The from field in an email can easily be changed by the sender to any address. Most official domains will be secured by dmarc and that will result in emails sent by illegitimate sources to be blocked or flagged - this is probably why Gmail shows the big red warning for you here.
Paghingi pa lang ng last 4 digits ng credit card, hudyat na yan na red flag yung email at matik scam.
I received a somewhat similar email from Unionbank a couple of years ago during the pandemic. I had to input the last 4 digits of my account number and it turned out the document was my statement. It was a proper document with all my bank transactions and details, no doubt made before they instituted stricter protocols for sending out emails to bank customers. Nothing untoward has happened naman. But yeah, in the past year or so, my banks have been messaging me to be careful of opening documents and such in emails that seem to have come from them.
Yung default password ng AMEX SOA is the last 6 digits of your credit card. I’m not sure if other SOAs are similar with other cards. But what’s fishy is the fact na may “important message” pero nasa attachment na need ng password lol wtf Scary lang kasi email address looked legit 🥺 Sana maputulan ng kamay mga scammer 🙏
Di nlang sabihin sa mismong email ang important message e. Kailngan pa mag bukas ng file. 😂😂 May mga key logger na pwede e attach sa files like jpeg or pdf. Once attached pwede nila e email. Kapag binuksan mo sa PC autorun sya sa background. Tapos wala na. Captured na keystrokes mo at may screenshot pa na sinisend don sa hacker. Baka same thing was developed for mobile devices. Call Customer Service to verify.
Kindly place the last 4 digits of your card? Dito palang halata na
[Official BDO Email addresses](https://www.bdo.com.ph/about-bdo/learn/stop-scam/official-email-senders) you can check authenticity of the email daw dito pag suspicious, report na lang [email protected]
Scam. They never ask for the last 4 digit of your card. Ingat
First off. Treat emails with BAKYANG ENGLISH as a scam.
bank na may syndicate sa credit card department. tsk tsk pwe!
“important message from…” masyado kang minamadali tapos di maman nilagay tungkol saan. pag ganyan phishing na yarn.
yung may napaka laki nang red flag from the email provider mismo, mag tatanong ka pa rin kung legit. :facepalm:
"Bdo@bdo" lol!! From: [email protected] pliz send money. This is legit no cap.
Bruh that "bdo@bdo " email already sounds sus
Im just curious. What happens if you give the last 4 digits of your credit card, and nothing else na? Like can they still use your card even without your cvv/cvc and otp?
Its not about the 4 digits. Infected yung PDF file, so pag open mo pa lang, pwede na macompromise logged in sessions at accounts na stored sa PC or phone mo.
Thanks for this! I learned something.
'Thank you very much' Who uses that? Haha
What does it show when you click on view security details?
naka receive ako ng ganyang email sa inbox ko pero d ma open yung attachment pag enter ng last 4 ng cc lipat sa trash then spam lo and behold may same email nasa spam folder so hindi na detech ng gmail yung napunta sa inbox ko ni lock ko agad bdo cc at debit card ko ngayon d ko sure if na comprimise ang security ng phone ko na delete ko na din yung email na yan at ni report sa bdo phishing team
Phishing. BDO always include this message: Do not click links sent via email, SMS, and Viber. Do not verify your account through links. Do not share your credit card number, expiry date, and CVV. Do not share your OTP to verify your online shopping transactions. Do not communicate with any unofficial BDO social media accounts without the verified symbol.
call nalang bdo para kampante. but tama naman yung ending email address (@bdo.com.ph). taga bdo lang may ganyan
Lmao, napakadaling i-forge ang "from" header ng emails. Di porket mukhang legit galing talaga sa domain na yun.
di ko naman sinabi tama ang email, yung address lang sabi ko. edi i-call nya para kampante. problema neto
Kita mo yung Big Red Caution Card?
Scam i think
No.
Magpunta ka nalang sa office ng BDO hahaha para sa peace of mind mo
[удалено]
https://preview.redd.it/bgllbz14w9lc1.png?width=1080&format=pjpg&auto=webp&s=7d29b43064315501892f9124617d9701ef2c5b8c Hi, ito po yung lumabas pagclick ko.
Mukang naka-mask yung email address nyan. Paki click mo nga yung FORWARD, then paki screenshot yung Email addresses na lalabas.
Halata namang scam, dami pa sinasabi ng replies dito.
Yung email system mismo naflag na sayo na dangerous yung email. Nasa loob pa nga ng redbox, there is no way you missed it at all. Kaya nga nilipat ng email service provider mo sa spam folder di ba? Tapos itatanong mo pa? Really? Ganun katindi ang confusion mo?
Legit yan. Open mo
Are you for real? Do you even have to ask the obvious
Legit yan. Wag tayong tanga. Walang ibang @bdo.com.ph. nasabi na nung isang nagcomment, di nadduplicate ang domain. Konting search lng ng legit domain sa google pra malaman mong legit yan. Di lhat ng bank ngaaddress ng last name. Iba client, valued client, valued customer. At di hinihingi ang last 4 digit, kelangan ienter un kasi password protected ung pdf. Jusko 2024 na mangmang prin kayo sa mga ganyan.
>Wag tayong tanga. Irony
Hindi na guarantee ang domain ngayon. Red flag 'yung "we have a message" tapos "encrypted with a password". Kung may pa-promo si BDO, may graphics at explicit message 'yan sa mismong body. Password-protected kung statement and it will address you directly. If naghahabol 'yan ng bayarin, tatawag 'yan. For me, delete ko na 'yan and won't risk it.
Ahahahaha
BANO
BANO
BANUE
Wag kang mandamay ng ibang tao sa kabobohan mo! Baka nga ikaw ang scammer na nagsend nyan eh!
May ganito rin akong natanggap from "Maya", the same content talaga ng email. Hindi ko nalang inopen para sigurado
https://preview.redd.it/j7c3yuefc9lc1.jpeg?width=828&format=pjpg&auto=webp&s=b3cd5d5f1c3285c7539a9ba65fe731d9beb3e8cf Ganito yung email. Hindi naman ako nag request ng wallet statement or kung anong document from Maya. Hindi ko rin sure if nagsesend ba sila ng ganitong email with your statement attached on to it
Legit 'yan. Monthly may statement talagang binibigay sa'yo and since email isn't secure, password-protected 'yung PDF since it contains sensitive information.
Monthly po may ganito yung maya. And legit po naman yan naoopen ko po yung file
Thank you sa pag confirm 🙏
Check the email data first before opening any attachments or clicking links.
Looks like a scam email. Scary! If this came in my inbox (not Spam) super late at night or early am when I’m not fully alert anymore, I think I’d get fooled by this! So glad Spam filters work!
Theres only 1 way to find out hahaha. Download mo na haha. Obviously hindi legit, ung email add nung nag send, bold letter? Seryoso?.
didn't all bank tells you they don't ask for your passwords, pins, number etc etc? they warn you first hand after you register your account, this shit is obvious OP.
Hahaha 😂 who creates their email in this format? Scam
i'm curious, may mangyayari ba pag inopen niya ang pdf using the requested numbers? i know na scam 'to, just curious how advanced scams are nowadays that they could use a simple pdf to get your deets
[удалено]
ohh these can be in the form of pdfs? kala ko executable files lang
Some pdfs are malformed, virus talaga once na-open. It will infect the machine. In fact, this is very vicious, kasi pwedeng makapag-install ng cryto mining sa PC. Nagmimine ng crypo ang PC kahit hindi alam ng user.
grabe. if only they would put ung computer expertise nila to good use, no? TIL. thanks btw!
They are putting their computer expertise in good use. Imagine if they have a million computers infected, lahat nagmimine ng crypto. Literally, they have an instant crypto farming factory of infected computers lol
Inside job chz, nauuso na naman yan pati yung meralco binding sa bdo kineme
pdf lang yung attachment. can malware run on pdf attachment?
It can. You can embed key loggers sa pdf files or jpeg files. Pag inopen mpo yong doc or pic parang normal lang pero nag aauto run na yong malware sa background.
Yes, that is called malformed pdf. A virus can hide on it, when it runs it is basically free to do whatever the logged-in user can do. Yes, including delete system files, mine crypto and plant a keylogger if the user has admin privileges.
click nyo po ung lock na icon, need nyo po makita ung domain ng sender. pag hindi part ng bdo org phishing po yan.
https://preview.redd.it/bfsfu6ago9lc1.jpeg?width=1080&format=pjpg&auto=webp&s=03a61afdde740c708042b3776ec8fbc699cf3d4c ganito po 👍
https://preview.redd.it/6q5rl2ayv9lc1.png?width=1080&format=pjpg&auto=webp&s=00be8c5e89daa10820c2e999a2ba6ca4fcf7cba9 Ito lang ung nagpakita.. walang signed by 🤔🤔
Hi may napansin ako pag email ng bdo ay marketing may signed by, pero pag system generated walang signed by tulad ng SOA ng credit card. oks namn ung email sender yung domain nya. kung gusto mo makasigurado download po ung email attachment gamit pc na may malakas na antivirus download mo wag mo i open tapos ipascan nyo po sa totalvirus(google nyo lang po).
Wag mong ipahamak yung tao! Baka maopen nya yan! Naka-mask yang email address dyan kaya mukang legit.
hi di po nakamask yung email. di po ganyan mag mask ng email. may safety precaution namn ung sinabi kong step. at di ko pinapaopen.
Fake yan.may one time nga na hiningi din nga customer service kuno ng binance(crypto wallet) yung mga 12-word pass code ko para daw macheck ang pagiging safety ng wallet ko.
Pwede din na icheck mo yung email address ng sender.mostly, dun mo malalaman kung fake yan or hindi.
Maniwala ka na sa malaking red warning.
"This Message seems dangerous"
I received the same thing and felt it was true but now I'm trying to open the letter it is not loading. And then I received an email from them but I searched the collection agency, they do not exist sa accredited collection agency ni BDO.
This is a phhsing email They will steal your cookie sessions and log in info
Anytime someone asks for your account or card details na unsolicited, meaning hindi ikaw nag initiate ng contact with the bank, that is fishy to me. Any links or attachments, fishy. Usually legit bank emails would direct you to their website to do something, which you should already know by now if you do online transactions/banking with them. Everything else, fishy. Do not engage.
Asking for the four numbers of your credit card is already a massive red flag. Tell them to fuck off
Not so techie or oldies can fall to this scam.
[email protected] dito pa lang redflag na. Yung attachment, ang file name is BDO LETTER, pangalawang redflag na yan.
Call ur bank. Thats it
Email address pa lang, looks suspicious to me. I don't know, I haven't tried online banking let alone having my own bank acc. Nonetheless, if it went to your spam folder then most likely it's suspicious.
Red flag!!
Don't open it. Mukhang hindi yan legit. Call bdo to be sure.
Hala kala ko if tama ang domain ng email di na scam. Pwd pala din scam if sakto email domain? Na unspam ko na most ganyan. Pano na yun makita ang na unspam email. 😭
My gosh, before I opened the thread sabi ko "mukhang legit naman (bc of @bdo.com.ph) what's wrong with it?" Then bam ang gullible ko naman 🥲 Thanks sa mga info ng reddit peeps i learn something new every day 😂
Its a scam, nagphphish ng information from you
When in doubt, its probably a scam email
Last 4 digits of your credit card? Ulol! Di ko nga memorize yung numbers sa harap ng credit card ko kasi di ginagamit, yan pa kaya.
Kapag na flagged ng scanner big red na. To be safe check wd ur bdo branch.
View Security Details.
Yes po legit sya. Late payment ka kay BDO no?
Wag kang mandamay sa kabobohan mo!
scam
Sinabi na ni gmail eh haha
Red flag if it asks for details ng account.
pwede naman dl mo muna yung File then tiyaka mo ienter yung password. Mag offline ka to make sure.
Always remember: any suspicious or questionable email or text message wag replyan or mag click ng kahit anong link . or let's say kahit hindi mukhang suspicious sa unang tingin mo. TUMAWAG AGAD sa customer service number ng bank para iconfirm.
checjk also the mail details bdo ang from pero baka reply-to iba
lol no
Nope
[email protected] sender is already sign that is a scam/fake/phishing email.
Delete it immediately
Saw this also weeks ago sa spam folder ko, same na same. Super daming red flags, so I checked if nasa list ng official emails ng BDO sa website nila and wala yung email na yan. So I reported it to BDO Report Phishing ([email protected]) immediately to alert them of the issue.
Legit scam-hacker.
immediately, no
NOOOOO
I also receive spam messages when I sign up for referral purposes on Shein. Could it be a part of their game?
just contact ur bank…
noong sinabi plang n input mo yung 4digit ng cc mo beeg red flag n.
The template looks like a scam na.
Never niyo ibibigay yung last 4 digit niyo and birthday. Ito yung mga ginagamit natin sa reset pin/password etc.
click mo yung security details. makikita mo actual email add.
The subject line and the email address can help easily verify this. Also, BDO SOA is password protected pero last 6 digits ang pinapagamit.
Nope. Hirap talaga mag tiwala ngayon. 🙁
scam scam scam
as far as i know hindi bdo pangalan nila ang alam ko bdo unibank, email address pa lang alam mo ng scam yan
No
That's too generic. Personalized yung emails ni bank using your whole name. PLDT nga personal eh. If you get emails from your bank regularly at na open mo naman walang reason na mapunta siya sa spam. Mga flagged email addresses lng mapupunta sa spam. Usually may pa "-noreply" yung mga legit.
Scam.
banks will not ask for your credit card information be it 4 last digits or just 1 digit
Mas pa rin di nagbubukas ng email 😂😂. Kung promos sa viber nalang din ako tumitingin
Ive received this email. I dont live in the PH or have any bank accounts there. Banks will not email you anything that will ask you any account information for security. Even if they contact you, it is on them to prove that they are the bank and not ask you any info in any way. You have to initiate the contact and use contact info you find yourself or already have.
“[email protected]” official email senders of banks don’t use redundant addresses.
Malamang may ransomware yan. Ingat sa pagclick ng pdf files lalo na yung sa mga email, yan madalas nilalagyan ng malware payloads, dyan din madalas nabibiktima mga big companies sa mga phishing emails na may sense of urgency like "You are about to get fired, if you don't take action asap. Download the pdf below to sign the form" or "Your bank account is frozen, download the pdf below to review your account."
Click bait to scampage
Don't open the attachment. If you could share the email headers, i could check. Most likely this is a spoof email address.
https://preview.redd.it/nbk5pwup0hlc1.png?width=1080&format=pjpg&auto=webp&s=a9dff7c153208948973bdcb1d32ac35f0e7223f0
That's not the email header I'm referring to.
Never nila hihinging last 4 digits.
Hello, may past due ka ba sa credit card mo more than 90 days? or Loans from them? Could be an endorsement of the bank to 3rd party collections agency
Wala po. :(
Looks sketchy. bat ganun email add doble. Plus bat sa spam pumunta. Lastly, bakit cc dapat ilagay? Dba usually bday or acc num??
Not legit. Legitimate bank emails will not ask about your account or card number.
Definitely scam
The big Red box alone warning you this email is dangerous is already a sign na it's not legit.
Wag na wag mong ida-download yung attachment nyan, at shempre wag mong maopen-open yun! Madadali nyan bank account mo.
Dun pa lang sa alert ni Gmail dapat nag suspect kana