To avoid the risk of phishing or social engineering related to the Seamless Virtual Account (VA) “Pay at myBCA,” follow these steps:
- Ensure Partner Platform Authenticity
- Verify myBCA Website Address
- Do Not Share OTP or Login Data
- Report Suspicious Activity
- Update Apps Regularly
- Seamless VA BCA Never Requests Personal Data
Transact only through official BCA partner applications or websites. Check the partner’s reputation and avoid unclear links.
Ensure the URL ishttps://mybca.bca.co.id. Avoid sites with suspicious domains (.bca.co.id is the official domain)
BCA never asks for OTP or passwords via phone, email, or message.
If you find a “Pay at myBCA” button on an unofficial platform, immediately contact BCA via the haloBCA app or Halo BCA at 1500888.
Ensure the myBCA app and partner apps are always up to date for optimal security.
Stay secure and never share your personal data, including card number, PIN, OTP code, expiry date, CVC/CVV, user ID, password, Appli1 and Appli2 KeyBCA, or any other sensitive information.
Always remember Om Indro's message: Fraud is on the rise and getting "Agak Laen", but our response stays the same, if you "Don't Know?" the source, just "Kasih No!"
About the Seamless Virtual Account (VA) Feature “Pay via myBCA”
BCA continues to innovate to enhance customer transactions. One of these innovations is the Seamless Virtual Account (VA) "Pay via myBCA" feature, which allows customers to transact smoothly from a partner company's application or website (merchant) directly to myBCA, by simply pressing the "Pay via myBCA" button.
Potential Risks of Phishing/Social Engineering
The convenience of the Seamless Virtual Account (VA) feature may be exploited by fraudsters who create phishing schemes. They may imitate the appearance of official partner applications/websites or send fake links via text messages, emails, or other channels. The "Pay via myBCA" button on these fake platforms can redirect customers to a fake myBCA website designed to steal login credentials and sensitive information.
Examples of Fraud Schemes to Avoid
- Customers shop on a fake app/website that mimics BCA's partner platform.
- During payment, a “Pay via myBCA” button appears, redirecting to a fake myBCA login page (e.g., fake URL:https://mybca-fake.com).
- Customers enter their User ID, Password, or OTP, which is then stolen by fraudsters.
Through awareness and collaboration between customers and BCA, Seamless VA transactions stay secure and convenient!
Always remember Om Indro's message: Fraud is on the rise and getting "Agak Laen", but our response stays the same, if you "Don't Know?" the source, just "Kasih No!