2021-07-27 | Awas Modus

Beware of Credit Card Data Phishing via Email, Social Media, or WhatsApp!

Hello BCA Customers, especially BCA Credit Card users. Beware of the recent frauds, namely credit card data phishing via email, social media, or WhatsApp.

Let’s find out the characteristics of this fraud and how to avoid phishing.

TYPE AND CHARACTERISTICS

Illegitimate transactions notification and e-Statement email

  • Fraudsters would send you an email imitating BCA’s e-Statement email (billing statement) and transaction notifications.
  • Fraudsters will try to get cardholders’ personal data (credit card numbers, expiration date, and CVV) via a link or an attachment sent along with the email.
  • If the email uses the e-Statement modus, then fraudsters will use an attachment. As BCA cardholders, victims are likely to click the attachment link as it is related to their e-Statement. However, the file attachment type and the email are not officially coming from BCA.
  • If the email uses the transaction notification modus, then fraudsters will use a link as a means to block victims' credit card in the email body. As BCA cardholders, victims are likely to click the attachment link as it is related to transactions they never made, and fill in their personal data.

Fake Social Media or WhatsApp

  • Fraudsters approach BCA cardholders via social media or WhatsApp accounts imitating BCA’s official accounts.
  • Fraudsters would inform that there is a suspicious credit card transaction.
  • Fraudsters would give a credit card blocking link via social media or WhatsApp channels. Tricked cardholders may automatically fill in their personal data.
  • Fraudsters would try to get cardholders’ personal data (credit card numbers, expiration date, and CVV) using the link.

TIPS TO STAY AWAY FROM BEING A PHISHING VICITIM

To keep yourself away from phishing, follow these tips.

  1. Know BCA’s official emails:
    • The official email for transaction notifications: KartuKreditBCA@klikbca.com
    • The official email for billing statement notifications: eStatement@klikbca.com (no “-” between the “e” letter and “Statement” and the attachment file type is PDF)
  2. Know BCA’s official social media and WhatsApp accounts:
    • BCA’s official social media accounts are: @HaloBCA on Twitter and @GoodLifeBCA on FB/IG. See the full list here.
    • Beware of BCA fake accounts. Check Be Aware of Halo BCA Fake Account on Social Media for more information.
    • All BCA verified accounts have blue verified badges.
    • BCA’s official WhatsApp number is 0811-1500998 (Bank BCA) or check here to share on WhatsApp.
    • BCA’s official WhatsApp has a green verified badge.
  3. Official channels to block BCA credit card are:
    • BCA mobile app
    • myBCA app
    • Halo BCA app, or
    • Halo BCA call at 1500888
  4. #DatamuRahasiamu. Always protect your personal credit card data and never share it to anyone: credit card numbers, OTP code, PIN, expiration date, and the CVV/CVC numbers.

From now on, be more aware of receiving suspicious emails, social media or WhatsApp messages. To learn more on phishing frauds, read: Be Aware the Danger of Phising!