In an interesting move by a foreign bank to protect consumers, UnionBank of the Philippines on Tuesday said it will no longer use clickable website links in promo materials as a way to protect online users from becoming victims of phishing, smishing, and other online fraud.
Bank officials said the move was part of the company’s attempt to address the surge in smishing attempt made via text messages to customers.
Henry Aguda, senior executive vice president at UnionBank, was quoted in GMA News Online saying that the bank had complemented the recent measure with its #CyberSure information campaign, a program that offers Filipinos actionable guidance on how they can protect themselves from cyber threats and practice good cyber hygiene.
“If everyone does their part, the interconnected banking world will be more resilient for everyone,” Aguda said.
A single organization attempting to train customers not to click on links will probably not have much of an effect as long as most other financial organizations use links in their legitimate communications, said Oliver Tavakoli, CTO at Vectra.
“End-user expectations are set through the accumulated experience they have with legitimate businesses,” Tavakoli said. “Finding ways to encourage customers to enable MFA is more likely to cut down on online fraud involving access to customer bank accounts.”
James McQuiggan, security awareness advocate at KnowBe4, added that when financial institutions inform a user of an important message, the user should log into their application and verify the message.
“Users should trust and verify all messages, especially if they are not expecting it or if it is from someone they do not know,” McQuiggan said. “People should use the message as a springboard to log into the site to check its validity."