GCash has proven its resiliency after it stopped a huge hacking attempt that could have cost millions of pesos from its customers.
According to a report by the Philippine Daily Inquirer, GCash said that on Monday night, it noticed a pattern of unusual transactions from its users’ e-wallet accounts. Some users reported seeing deductions in their balances without their consent. The transactions were being directed to two bank accounts, one from EastWest Bank and another from Asia United Bank.
GCash immediately launched an investigation and immediately placed a hold order on the transfers once the pattern was detected. The company estimated that the total amount of the attempted theft was around P37 million, taken from GCash users in small amounts.
A Globe official explained that the transfers initially looked “legitimate” but were later found to have been perpetrated by bad actors using data obtained from users through phishing methods.
“It’s not a case of hacking in that sense,” the official told Inquirer. “And since these are banks which are involved, we also don’t want to fuel [this kind of] talk.”
Earlier, GCash denied any hacking incident after several users reported unauthorized transactions from their accounts on Monday, May 8. The company extended a scheduled maintenance to investigate the matter, which made the app inaccessible for several hours.
Gcash released an advisory in response to rising complaints of deducted e-wallets. The company assured that there was no fund loss and that the affected users will receive their correct balances by 3 pm on Tuesday, May 9.
“Some users may have experienced a deduction in their GCash accounts yesterday. We extended our scheduled maintenance to investigate and determined that no hacking occurred,” GCash said. “Any deduction from a GCash account will be adjusted before 3 pm today,” it added.
Gcash also reminds its users to never share their one-time passwords (OTPs) and/or mobile personal identification numbers (MPINs) with anyone, as these are the keys to accessing their accounts.
Image Credit: Emil Kalibradov (Unsplash)