As more Filipinos turn to online banking, e-wallets, and digital communication, cybercriminals are getting increasingly clever at stealing personal information. Two of the most common threats today are phishing and smishing scams. Knowing how these scams work—and how to respond—can help protect your information and hard-earned money.
Keep reading to learn how to spot these digital scams and stay safe online.
The Difference Between Phishing and Smishing
Phishing typically involves emails or fake websites that impersonate trusted institutions like banks, telecom companies, or government agencies. Meanwhile, smishing (SMS + phishing) is a type of social engineering attack that uses text messages to trick you into sharing sensitive information.
Despite the difference in method, both scams share the same goal: stealing your personal information.
Common Phishing and Smishing Scams in the Philippines
Scammers are becoming increasingly sophisticated with their methods, but there are still telltale signs. One thing most scams have in common: they prompt you to click a link. Here’s a guide to the most common scams today:
1. Bank and eWallet Scam
Scammers send SMS, email, or app messages pretending to be banks or e-wallet providers, claiming your account is locked, compromised, or shows suspicious activity. They ask you to click a link to “verify” your account, but it leads to a fake site that steals login credentials, OTPs, or other sensitive information.
2. Rewards and Promo Fraud
You might receive an email or text claiming you’ve won a holiday trip, discount, or unclaimed rewards—sometimes even using your name. The message asks you to click a link and provide personal information, which can put your financial and personal data at risk.
3. Job Offer and Investment Fraud
These scams promise quick income through online tasks, investments, or product reviews. They ask you to click a link to learn more about the opportunity, but the site is fake and designed to steal personal or financial information.
4. Calamity Assistance Fraud
Scammers impersonate government agencies offering disaster-related aid. They ask you to click a link to claim assistance, but the link leads to a fake page designed to capture your personal or banking details.
5. Fake Telco Offers
Scammers pose as telecom companies, promoting fake deals or giveaways—like free phones, data, or exclusive bundles. They ask you to click a link to claim the offer or provide personal information, but the link usually leads to phishing sites that steal sensitive data.
6. Social Media Impersonation Scams
Fraudsters create fake profiles or hack accounts of friends, celebrities, or brands. They send messages asking you to click a link, download an app, or send money. These links or attachments can steal personal information or install malware.
7. Fake Online Marketplace Scams
Scammers post fake ads for popular items at discounted prices. They ask you to click a link to pay or provide personal info, but the products never actually arrive, and the link can harvest your financial details.
8. Loan or Credit Scams
Fraudsters offer quick loans or credit approvals online, asking you to click a link and submit personal or banking information. They often charge “processing fees” and disappear without giving any loan.
9. Subscription Traps / App Scams
Some apps promise freebies, games, or utilities, but require access to personal information or the device itself. Clicking these links can result in unexpected charges or malware installation.
10. Charity or Donation Scams
Scammers exploit disasters, holidays, or fundraising campaigns. They ask you to click a link to donate or claim aid, but the link redirects to phishing sites that steal banking info.
How to #BeCyberSmart
Protect yourself from online scams with these simple steps:
- Don’t click suspicious links in texts, emails, or social media messages.
- Never share your OTP, PIN, or password. Legitimate companies will never ask for them.
- Check URLs carefully—phishing sites often have misspellings or extra characters.
- Don’t use public WiFi when accessing online banking or making transactions.
- Keep your devices (and their security features) updated.
- Enable two-factor authentication (2FA) for an extra layer of security.
- Be wary of “too good to be true” offers, such as instant rewards, big prizes, or guaranteed profits.
- Educate family and friends, especially those less tech-savvy.
If you receive a suspicious call or message that resembles any of the scams listed above, report it immediately on Smart’s HuliScam portal.
By doing so, you’re helping Smart track and block scammers, prevent others from falling victim, and strengthen overall cybersecurity in the community. Prompt reporting makes it harder for cybercriminals to succeed and keeps everyone safer online.
In the fight against online fraud, awareness and prompt action are your greatest allies.
