Phishing e-mails are sent to trick you into revealing personal and financial information. We suggest that you use this short checklist to protect yourself against phishing attacks.

1. Begin your session by manually typing the web address of BPI into your browser. The official URL of BPI Express Online is www.bpiexpressonline.com .

Avoid disclosing personal or account details via email or embedded link. Be skeptical of unsolicited e-mails, especially those that concern personal / account information.

2. Delete suspicious emails or email attachments without opening them, even if they seem to have originated from someone you know.
3. Notify the sending company if you receive a suspicious email. For suspicious transactions that claim to have originated from BPI, you may contact BPI directly through Express Phone 89-100 or email them at expressonline@bpi.com.ph .
4. Check the security certificate of the web page.

Before entering personal or account information into a site, make sure it is secure. In Internet Explorer, you can do this by checking the yellow lock on the status bar. A closed lock is an indication of an encrypted site.

In Internet Explorer 7, check the yellow lock at the right-most side of the URL Address Bar:

If you think you may have responded to a suspicious email, change your password for Express Online as soon as possible.

Banks will never send you an e-mail asking for information on your username and password. The Bank’s websites are protected by a 128-bit SSL encryption and Verisign’s Security Certificate.

READ INTERNET SECURITY WITH WEB OF TRUST TO PROTECT YOU FROM RISKY WEBSITES