Style Living Self Celebrity Geeky News and Views
In the Paper BrandedUp Hello! Create with us Privacy Policy

P1 M was hacked from Sen. Gatchalian’s credit card—here’s how to prevent it from happening to you

By PhilSTAR L!fe Published Jan 06, 2021 9:01 am Updated Jan 07, 2021 3:05 am

Senator Sherwin Gatchalian's credit card was hacked after P1-million worth of food was ordered from a food delivery service within one hour, raising anew the critical importance of cybersecurity in the country.

Earlier today, Jan. 6, the politician tweeted a screenshot of credit card transactions he wasn’t previously aware of. “My credit card has just been hacked!” he wrote as a caption.

But unlike usual credit card scams, the hacker did not use the senator’s card on gadgets, appliance, or other expensive items, but on food deliveries totaling P1 million.

“May nag-order ng P1M worth of food sa Foodpanda in less than an hour. Ano ‘yan lauriat para sa buong barangay???” he added.

The entire fraudulent transaction was done in four batches worth P96,265, P323,247, P356,517, and P300,851 from 4:47 p.m. to 5:49 p.m. of Jan. 5.

CNN anchor Menchu Macapagal asked the senator, “Whoa! Your credit card company didn't send you a message to confirm if you were indeed making these purchases before it allowed the transactions?”

The senator replied, “The hacker managed to change my registered phone number so he got the OTPs (one-time passwords).”

“He knew what he was doing. I just don't know how he will eat a million worth of food,”  Gatchalian remarked.

Most banks in the country have multiple layers of safeguard to ward off hackers.

Banco de Oro, for one, allows you to change your account details on its website, but the changes will only be applied after you verify them via e-mail or ATM.

Bank of the Philippine Islands requires you to download its customer information sheet on its website, then submit it to any BPI branch with a photocopy of one valid ID.

Meanwhile, Citibank credit cardholders can update their information through its mobile app or website, which requires a password or OTP.

Gatchalian revealed in an interview with Business Mirror that he has made several purchases online especially during the pandemic, but stressed that he seldom goes beyond P2,000.

The senator is considering the possibility of an ‘inside job,” but clarified that it’s too early to conclude, as he has yet to file a police report as of press time.

“I don’t rule that out. In fact, I don’t rule out na mayroong coercion to and I don’t rule out mayroon ‘tong cooperation or insider cooperation. Pwede sa Foodpanda, pwede rin sa bangko, puwede rin sa iba pa. We need to investigate this but we cannot rule out anything right now,” Gatchalian said in another report.

How to stop a fraudulent credit card transaction

If you find yourself a victim of a cyber hacking incident, report the fraudulent transaction to your card provider immediately. Here’s how:

  1. Call your bank’s hotline to request them to block your credit card. If the line is not accessible, send the request through your online banking app or the bank’s website.
  2. Once your card is blocked, file the dispute as an unauthorized transaction/s.
  3. The bank will replace your card—which should include a new card number—and the transaction will be investigated.
First things first: Always check the legitimacy of the websites you're sharing your card details with.

Practice safe online transactions

While there’s nothing wrong with treating yourself to something nice, or pricey, every once in a while online, it’s best to do it without compromising your security. 

For that, Angel Redoble, President of Philippine Institute of Cyber Security Professionals, recommends double-checking the website’s legitimacy.

“Try to search sa Google ‘yung site na pinagbibilhan niyo. Konting due diligence lang sa website kung saan kayo magta-transact,” he told PhilSTAR L!fe. “Tapos hanapin niyo ‘yung padlock. Meron padlock na sign doon sa URL level.”

Redoble added that websites with digital signatures, which corresponds to the letters at the beginning of a website’s URL, are more likely to be safe: “‘Yung digital signature na ‘yun will always point to the legitimate website. For example, yung http, look for the https.”

It would be best, according to Redoble, to transact your online purchases using a credit card with low credit limit. He explains, “Don’t use the credit cards na may malaking credit limit. Kasi ang mga bangko ngayon nagbibigay na rin sila ng credit card na pang-online—mga 10,000 to 30,000 credit limit lang. ‘Yung mga hundreds of thousands credit limit, use very seldom na lang para hindi ma-acquire ‘yung information,” 

In addition to that, make sure to unselect the “save my card” option on the website upon checking out your online cart.

“Kung merong two-factor authentication na ise-send kapag nag-purchase ka, ‘yun ang secure,” Redoble added.

Banner photo from freepik and Senator Win Gatchalian's Facebook and Twitter accounts.