BSP sounds alarm on fraudsters impersonating central bank officials

The holiday season is usually a time for giving, but for sophisticated fraudsters, it’s the peak season for taking.

The Bangko Sentral ng Pilipinas (BSP) has issued an urgent warning to the public regarding a surge in fraudulent schemes that are bold enough to misuse the name, logo, and even the signatures of high-ranking central bank officials.

In a sophisticated evolution of “social engineering,” scammers are now moving beyond simple phishing texts. They are producing high-quality, falsified documents designed to look like official BSP clearances to trick victims into handing over their life savings or sensitive digital wallet credentials.

The “authority” trap: Falsified documents uncovered

The BSP highlighted several specific documents currently being used to deceive Filipinos.

These aren’t just random letters; they are designed to mimic the regulatory “plumbing” of the fintech world. If you see any of the following, the BSP warns that they are 100% fake:

• “Assurance letters” or “Confirmation of beneficiary bank”: Often used to convince a victim that a large sum of money is waiting for them, provided they pay a “release fee.”
• “Security system IT department renewal request for OTP PIN”: A direct attack on digital banking users, designed to steal the One-Time Password (OTP) needed to drain an account.
• “Terms of loan contract”: Fake loan offers that claim to be “guaranteed” or “approved” by the BSP to lend a false sense of legitimacy.

The central bank was clear on this: The BSP does not issue or endorse certifications for individual loans, deposits, withdrawals, or credit cards.

The battle for your personal data

For the millions of Filipinos using e-wallets and digital banks, the danger lies in the “sense of urgency” these scammers create.

By claiming a “Security System Renewal” is required, hackers attempt to bypass the very security measures — like 2FA and biometrics — that fintech platforms have worked so hard to implement.

Perpetrators are also masquerading as anti-money laundering (AML) officers, demanding “fees” or “taxes” to clear a transaction.

The BSP reiterated that no legitimate financial regulator or law enforcement agency will ever ask for sensitive information or advanced payments through unsolicited calls, emails, or SMS.

How to spot a “fake” central banker

To protect your digital fortress, keep an eye out for these classic scam hallmarks:

• Low-interest “unicorns”: Loan offers with impossibly low rates that claim to be BSP-approved.
• The “pay to play” fee: Any request for money upfront to “complete a process” or “release funds.”
• Grammatical glitches: While some documents look professional, many still suffer from poor grammar, spelling errors, or outdated agency logos.

The BSP protocol: What to do if you’re targeted

If you receive a suspicious message or document, the BSP’s advice is simple: Ignore and Report.

1. DO NOT engage: Clicking a link or replying only confirms to the scammer that your number is active.
2. Report to the source: Send the details to [email protected] or call (+632) 8811-1277.
3. Lock your accounts: If you’ve already shared information, contact your bank or e-money issuer (GCash, Maya, etc.) immediately through their official in-app help centers.

In the fast-moving Philippine fintech landscape, trust is the most valuable currency.

As the BSP works to modernize our payment standards with ISO 20022, staying vigilant against these impersonation schemes ensures that the only people accessing your digital wallet this Christmas are the ones you’ve invited.