The NBI presents the suspects in the BDO “Mark Nagoyo” hacking.

The National Bureau of Investigation (NBI) on Friday announced the arrest of five individuals it said were involved in hacking over 700 bank accounts of Banco De Oro (BDO).

It said the five people — three Filipinos and two Nigerians — were part of the Mark Nagoyo Heist Group, which was responsible for making unauthorized transactions in the BDO clients’ accounts.

NBI Director Eric B. Distor identified the suspects as Ifesinachi Fountain Anaekwe, Chukwuemeka Peter Nwadi, Jherom Anthony Taupa y Diawan, Ronelyn Panaligan and Clay S. Revillosa.

Using intel provided by an informant who had transactions with the two Nigerians, the Cybercrime Division was able to catch Mr. Anaekwe and Mr. Nwadi in an entrapment operation in Mabalacat, Pampanga on Tuesday.

The Nigerians were also reported to be selling devices that could cash out money that was illegally obtained.

The informant also provided information about other people who were believed to be connected to the Mark Nagoyo Group.

Mr. Taupa was arrested in a buy-bust operation in Floridablanca, Pampanga where he was found selling a phishing website.

A phishing website is a fake website that is made to look similar to an official one in order to fool users into thinking they are using a legitimate website. It collects user data like credit card numbers or other banking details.

Another informant said that Mr. Taupa was one of the masterminds behind the heist and was also selling an imitation GCash web page. According to the informant, Mr. Taupa had created the page to collect the data of victims who thought it was the official GCash site. Mr. Taupa was also found to be sending an e-mail list of bank clients’ personal details which was used by the hacking group to access the banking accounts.

Ms. Panaligan and Mr. Revillosa were identified as the web developer and downloader in a separate operation.

In December 2021, a group was able to illegally access bank accounts by allegedly bypassing the One-Time-Pin requirement, resulting in the draining of those accounts’ funds. The e-mail confirmations received by the victims for most of the bank transfers showed that they had been made by “Mark D. Nagoyo.” “Nagoyo” is a Filipino word that can be loosely translated as “swindled.”

In a statement released to the press, GCash commended the NBI’s Cybercrime Division for the arrests it made.

“May this serve as a warning to other fraudsters: We do not tolerate the use of GCash for illegal and unlawful activities, and the long arm of the law will eventually catch up with you,” Ingrid Berona, Chief Risk Officer of GCash was quoted as saying in the release.

In the statement, GCash assured customers of the integrity and security of its platform, saying it employs up-to-date security technologies and global best practices on its system and its app.

“GCash would also like to clarify that it is not party to incidents from other financial institutions,” it said, and advised its customers “to be very careful and vigilant, as scammers are now using phishing techniques through official-looking SMS, emails, and even social networking sites to steal sensitive information like MPINs and one-time passwords (OTPs).” — Jaspearl Emerald D. Tan