As Filipinos ring in the new year, cybersecurity threats are ringing just as loudly.

Scammers have stepped up efforts to defraud bank customers using sophisticated equipment known as IMSI catchers, allowing them to send fake text messages that appear to come from the official sender ID of UnionBank, authorities and cybersecurity advocates warned.

The fraudulent messages are designed to create panic, often claiming that a large unauthorized transaction has been made on a recipient’s account or that a loan request under their name is being processed. The messages typically include a link urging the recipient to immediately “cancel” the transaction.

According to advisories, the scam follows a familiar but increasingly effective three-step process.

First, victims receive the fake SMS that appears legitimate because it is grouped under UnionBank’s official sender ID. The message pressures recipients to act quickly, exploiting fear and urgency.

Second, clicking the link leads to a fake website that closely mimics the UnionBank Online login page. Unsuspecting users are prompted to enter their username and password, believing they are securing their account.

Third, once the victim enters their login credentials, the fraudster mirrors the action in real time on the legitimate UnionBank Online platform. When the system sends a one-time password (OTP) to authorize the login, victims are tricked into entering the OTP on the fake site. The scammer then uses the same OTP to gain full access to the victim’s account and funds.

Cybersecurity experts note that the use of IMSI catchers makes the scam particularly dangerous, as the messages appear more credible than ordinary phishing texts. IMSI catchers can impersonate legitimate mobile network infrastructure, allowing scammers to bypass typical SMS filtering systems.

With the new year traditionally marked by fresh financial goals, increased online transactions, and post-holiday spending, banks are urging customers to be extra vigilant.

UnionBank has reiterated that clients should never click links from unsolicited or suspicious messages. Customers are advised to immediately log in only through the official UnionBank Online app or website to verify their account status.

Bank officials also reminded the public that UnionBank will never ask customers to share their OTPs, passwords, or personal banking details through text messages or external links.

Customers who notice suspicious activity or receive questionable messages are urged to immediately contact UnionBank’s Customer Service Hotline at +632 8841 8600. Additional tips on protecting accounts and personal information are available through the bank’s official cybersecurity resources.