Phishing Attack Prevention Guide
Learn to identify and protect yourself from phishing scams targeting Filipinos. Stay one step ahead of cybercriminals with our interactive demos and expert tips.
Phishing Attack Prevention & Live Demos
⚠️ EDUCATIONAL DEMO ONLY - These are fake login pages to show you what phishing sites look like!
👤 What Users See (Fake Facebook Login)
💀 What Hackers See
INTERCEPTED DATA
EMAIL: [Not captured yet]
PASSWORD: [Not captured yet]
IP ADDRESS: 192.168.1.100
BROWSER: Chrome 120.0
LOCATION: Manila, Philippines
🏦 What Users See (Fake BPI Login)
💀 What Hackers See
INTERCEPTED DATA
USERNAME: [Not captured yet]
PASSWORD: [Not captured yet]
IP ADDRESS: 192.168.1.100
BROWSER: Chrome 120.0
LOCATION: Manila, Philippines
🏦 What Users See (Fake BDO Login)
💀 What Hackers See
INTERCEPTED DATA
USER ID: [Not captured yet]
PASSWORD: [Not captured yet]
IP ADDRESS: 192.168.1.100
BROWSER: Chrome 120.0
LOCATION: Manila, Philippines
📱 What Users See (Fake GCash Login)
💀 What Hackers See
INTERCEPTED DATA
MOBILE: [Not captured yet]
MPIN: [Not captured yet]
IP ADDRESS: 192.168.1.100
BROWSER: Chrome 120.0
LOCATION: Manila, Philippines
💳 What Users See (Fake Credit Card Payment)
💀 What Hackers See
INTERCEPTED DATA
CARD NUMBER: [Not captured yet]
EXPIRY DATE: [Not captured yet]
CVV: [Not captured yet]
CARDHOLDER NAME: [Not captured yet]
IP ADDRESS: 192.168.1.100
BROWSER: Chrome 120.0
LOCATION: Manila, Philippines
🔗 URL Link Verifier
Enter a website URL to check if it's legitimate.
🚩 Warning Signs of Phishing Scams
- Suspicious URLs: Fake domains (e.g., bpi-security.com vs bpi.com.ph)
- Urgent Language: "Login now or lose access!" to create panic
- HTTPS Absence: No padlock icon in the browser
- Poor Design: Misspellings, wrong logos, or low-quality graphics
- Unexpected Requests: Emails or SMS with login links you didn't request
- Subdomain Tricks: e.g., gcash.phishing-site.com
- Typosquatting: Slight misspellings (e.g., faceb0ok.com)
🛡️ How to Stay Safe
- Verify URLs: Always check the website address before logging in
- Use Bookmarks: Save official websites for quick access
- Enable 2FA: Add two-factor authentication to your accounts
- Avoid Links: Type URLs directly or use official apps
- Update Software: Keep browsers and antivirus updated
- Report Suspicious Sites: Contact your bank or platform immediately
How to Spot Fake Login Pages
- Check the URL: facebook.com vs faceb00k-security.com
- Look for HTTPS: Secure sites have a padlock icon
- Verify Spelling: bpi.com.ph vs bpi-security.com
- Check Design: Poor quality graphics, wrong fonts
- Test Buttons: Fake sites often have broken links
- Domain Age: New domains are often suspicious
Common Phishing Techniques
URL Spoofing:
Real: facebook.com
Fake: faceb0ok.com, facebook-security.net
Real: facebook.com
Fake: faceb0ok.com, facebook-security.net
Subdomain Tricks:
Real: bpi.com.ph
Fake: bpi.phishing-site.com
Real: bpi.com.ph
Fake: bpi.phishing-site.com
Typosquatting:
Real: gcash.com
Fake: gcashh.com.ph
Real: gcash.com
Fake: gcashh.com.ph
Protection Strategies
🔒 Always type URLs directly into browser
🔒 Bookmark official bank/social media sites
🔒 Use two-factor authentication
🔒 Keep browsers updated
🔒 Use reputable antivirus with web protection
🔒 Never click links in suspicious emails/SMS
🔒 Bookmark official bank/social media sites
🔒 Use two-factor authentication
🔒 Keep browsers updated
🔒 Use reputable antivirus with web protection
🔒 Never click links in suspicious emails/SMS
What to Do If You've Been Scammed
Immediate Actions
- Stop Interacting: Don't enter more information
- Save Evidence: Screenshot the phishing page
- Contact Your Bank: If banking or card details were shared
- Change Passwords: Update all affected accounts
- Monitor Accounts: Check for unauthorized transactions
Report the Scam
- BSP Consumer Protection: Call 1-5-7
- PNP Anti-Cybercrime: Call 1-3-1-1
- NTC Consumer Welfare: Call (02) 8920-4464
- GCash Fraud Report: Call 2882
- Facebook Scam Report: Use Facebook Help Center