The April 23 hack of fast food chain Wendy’s Philippines exposing over 80,000 records is now being used by the hackers to send phishing emails purportedly from BDO asking to verify your account.
Obviously, DO NOT click on the button as it DOES NOT direct you to bdo.com.ph, but to dsi.mtsu.edu which is perhaps another compromised site housing a fake BDO page asking for your credentials. (See below)
Always check that the URL indicates the address of the site you want. Although modern web browsers conduct a check and warn you of potential deception, be vigilant nonetheless.
This is how the fake BDO site on dsi.mtsu.edu looks like – pretty damn good! I’m showing you so you won’t have to find out for yourself:
I have already sent an email to this educational institution informing them that their servers are being used for nefarious purposes. You’re welcome, BDO! </donvy>