E-wallets Security

Medalla Says GCash Hit by Phishing Scam, 80% Of Lost Funds Already Recovered

The Bangko Sentral ng Pilipinas’ (BSP) Governor Felipe Medalla said that the recent unauthorised deductions from mobile wallet GCash amounting to PHP 37 million (approximately US$660,000) was the result of a phishing incident and not hacking, according to a report by Philstar Global.

Medalla echoed the claims made by GCash which denied that it was a hacking incident and went on to adjust the funds that were lost from its users.

The governor spoke to reporters on the sidelines of the 23rd Financial Stability Board-Regional Consultative Group in Asia Meeting in Cebu that the incident occurred when the affected users had shared their one-time passwords (OTPs) with fraudsters.

The funds from the affected GCash accounts were reportedly transferred to accounts under Asia United Bank (AUB) and East West Banking Corp. (EWB).

He added that both the banks had managed to swiftly freeze the accounts involved, enabling GCash to recover 80% of the funds.

According to Medalla, BSP is looking into the owners of the bank accounts that received the fund transfers.

Felipe M. Medalla

“The scammers will use your own greed. For some reason, they (scammers) were able to convince the person to give their OTP despite all the warnings to never share the OTP. The only way that will happen is if there’s somebody talking to you on the other side (to share your OTP) that’s very convincing.

Fortunately, GCash is fast, they traced the two bank accounts where most of the stolen money were lodged. In fact, the two banks told me that they have restored the money to GCash,”

said Medalla.