Blogger Engineer

Philippines InfoSec News

Internet Security News Phishing

BDO smishing continues

ByFjordan Allego

Oct 15, 2020 #BDO, #BDO phishing, #BDO scam, #BDO smishing, #Facebook scam, #phishing, #smishing

New variants of text-based phishing messages aka smishing have been seen recently online with quite a number of netizens posting screenshots of what they’ve received supposedly from BDO.

Earlier this week, BDO released an advisory on their official Facebook page warning their account holders of the increasing reports that they’ve been getting.

Did you receive this scam text? Scammers send out messages like this to thousands of mobile numbers, even to non-BDO customers. Alert your family and friends who may have also received the text.

Be smarter than a scammer. Do not click on this link that asks you to verify suspicious account activity.

Remember: We will never send you links to verify your account or to collect customer information. #BDOAntiScam

BDO Official Facebook Page

These smishing campaigns are not only being sent out via SMS. There were Facebook accounts (allegedly compromised) that were being used to spread the same messages via Messenger.

BDO has been the subject of online bashing for the poor service of their mobile app. This is most likely the reason why the scammers behind this recent surge of smishing targetted the bank.

It is worth noting as well that the people behind this scam is also the same ones targeting UnionBank customers. One netizen shared a screenshot of an SMS he received last month supposedly from UnionBank. The same sender also sent a message with BDO phishing link this week.

Another variant of this smishing campaign makes use of a BDO-related URL but eventually redirects to a BPI phishing site.

We reviewed the domains associated in these variants and they’re all related to the same IP address that we reported last month.

Below are the new malicious banking domains associated with the IP 163[.]44[.]136[.]225:

Date RegisteredMalicious Domain
2020-10-12bdoonline-privacy[.]com
2020-10-13bdoonlinesecurity[.]com
2020-10-13onlinebdo-security[.]com
2020-10-05metro-bank[.]xyz
2020-09-16online-bdobank[.]com
2020-09-14onlinebdobanking[.]com
Fjordan Allego
Follow me
Latest posts by Fjordan Allego (see all)

Related Posts:

By Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

Related Post

Mobile News Product & Services

PH releases first Super App ‘eGov PH’

Jun 3, 2023 Fjordan Allego
News

Finding the Best Place for Repairs After a Car Accident

Feb 27, 2021 Fjordan Allego
Internet Security News

ABS-CBN YouTube channels hacked by crypto scammers

Nov 4, 2020 Fjordan Allego

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You didn't catch it

Mobile News Product & Services

PH releases first Super App ‘eGov PH’

June 3, 2023 Fjordan Allego
News

Finding the Best Place for Repairs After a Car Accident

February 27, 2021 Fjordan Allego
Internet Security News

ABS-CBN YouTube channels hacked by crypto scammers

November 4, 2020 Fjordan Allego
data privacy Internet Security News Phishing

Hackers target Alodia’s fans via Facebook phishing

October 22, 2020 Fjordan Allego