COL website hacked? Here’s how to protect your stock trading account



The website of COL Financial got hacked?

In an email sent to COL clients last Friday, October 20, COL’s President and CEO Dino Bate mentioned that there was a “possible breach” in the COL system.

The good thing, though, is that COL Financial has assured clients that account balances and stock holdings were not affected. At present, there have been no news of anyone complaining about or reporting unauthorized withdrawals as a result of the incident.

However, it appears that the hacking incident involved unauthorized access, perhaps even stealing, of personal information of clients. The company hasn’t officially confirmed the breach, but what’s troubling is that if this is true, then it could mean hackers have gotten hold of the personal details of some, or worst, all of COL clients. We’re hoping COL will provide updates, and hopefully positive updates, about this incident next week.

Here’s a copy of the letter sent by COL’s President to clients last Friday:

Dear COL Client,

I am writing to you today to inform you that we discovered a possible breach in our system involving some personal client information.

While this possible breach has not been confirmed, please be assured of the integrity of your account balances and stock positions, and that your account transactions have not been compromised. In addition, we have internal control procedures that prevent unauthorized withdrawals from your account.

We have taken action to further strengthen the security of our systems. We also recommend as a standard practice that you regularly change your password.

Should you have further questions, you may reach us at helpdesk@colfinancial.com. We will do our best to respond to you as soon as possible.

Thank you.

Dino Bate
President & CEO

This hacking incident proves that even large, publicly-listed companies find it a challenge to secure their systems against hackers. They may spend millions of pesos or dollars, but it appears no system can be 100% hack-proof.

Unfortunately, individuals are more prone to hacking attacks. So to ensure that your COL Financial account (or any other online account) is protected, we recommend that you adopt these eight (8) online security tips.

8 Security Tips to Protect your COL Financial account 

Tip #1: Once logged in to COL Financial’s website, always check your “Last Login”.

The COL Financial website shows your “Last Login” information whenever you log back in to your account. Always check this information and see if it corresponds to the date and time you last accessed your COL account.

If there are discrepancies, for example, you believe you did not access it during the date and time showed in the “Last Login”, immediately report the incident to COL Financial at helpdesk@colfinancial.com.

This “Last Login” information can be found here:

Tip #2: Use strong passwords.

Your account password should be strong and complicated enough so that other people will find it difficult, if not impossible, to guess the password. Your password should preferably be a combination of letters and numbers, using uppercase or capital letters, and also with symbols such as question mark (?) or exclamation point (!) or asterisk (*).

Never use any personal information in your password, such as birthday, or your student or employee ID number, or condo unit or home address. Hackers can easily guess these information, sometimes, just by checking your Facebook or social media accounts. Opt for a password that’s difficult to crack, and preferably don’t use just one password in all your online accounts.

To change your COL Financial password, go to Home > Change Profile > Change Password in the COL Financial website.

Tip #3: Change your password regularly.

This is probably a bit of a hassle, but changing your password regularly can help deter hackers from guessing your password and ultimately accessing your account. We suggest you change your password every 6 months or whenever you deem it necessary. Go back to our Tip #2 for ideas on what password to use.

Tip #4: Don’t just close your browser; log out of your COL account when you’re done with the session.

Some users simply close their browsers when they’re done accessing their COL accounts. They are not aware that some browsers actually save the browsing cache and history which means another person who will open the browser in the same PC may be able to log in to the account.

So that the next person using the PC won’t be able to access your account, follow this simple tip. When you’re done with your COL session, do NOT simply close your browser. Click the Logout button and wait for the browser to show that you’re fully logged out.

Tip #5: Don’t click links on emails sent by strangers or people you do not trust.

Emails with dubious links could be installing spyware software on your PC that could steal personal information, such as your login usernames and passwords. These software send the stolen information to a hacker who will access your account.

To protect yourself, make it a rule to not click on any link you see in an email. Clicking on it activates or installs the malicious software. Only click links in an email if absolutely necessary and if you fully trust the sender of the email.

Tip #6: Update your computer and install anti-virus / anti-spyware spyware.

Older versions of your computer’s operating system (Windows or Mac OS), browser (Google Chrome, Safari, Internet Explorer, Microsoft Edge, etc.), or other installed software may be vulnerable to a hacking attempt. Make sure you are using the latest version since the latest versions usually have security updates that protect your PC.

Also install anti-virus and anti-spyware software. Viruses and spyware can lead to vulnerabilities that open your PC to hackers. There are several free anti-virus software that can scan your computer’s files and emails and instantly delete any viruses found.

Anti-spyware software, meanwhile, helps protect your PC from malicious programs that are usually installed without your consent. Once installed, these spyware could monitor your computer usage, save the websites you visit, and collect the passwords you use. Armed with these information, the hacker can easily take over your online account.

Tip #7: Only use computers or wi-fi networks you trust.

When accessing your COL Financial account, make sure you’re using a trusted computer and a secure wifi network. Some public computers, for example those in internet shops, may have malicious software installed. As explained in Tip #6, these software or spyware could collect your passwords or personal information and discreetly send them to a hacker.

If you are to use a public or shared computer, make sure you do the following once you’re done with the session:

1. Click the Logout button in your COL Financial account and wait for the browser to show that you’re fully logged out.

2. Delete the browsing history, cache, and cookies that were saved in your browser.

3. Close all browsers.

When using wifi, connect only to wifi networks that you trust. Do you know that free wifi connection offered by some establishments may include spyware that can track your usage, including the websites you visit and the passwords you use?

So the next time you’re looking for free, public wi-fi connection, double check if it’s secure and reliable before you attempt to connect to it.

Tip #8: Finally, be aware of phishing or copycat websites.

COL Financial’s official website is https://www.colfinancial.com/. If the URL you’re accessing looks or is spelled differently, it’s most likely not COL’s website, so do not continue to use it.

These fake websites are called “phishing” websites and they’re used to “fish” for and collect personal information which will be used for hacking. Always, always double check that the website you’re accessing is COL’s official website.

Before inputting anything in what you believe is COL’s website, confirm that your browser shows these three (3) security indicators:

  1. a web address that begins with https and not just http;
  2. a padlock icon in the browser; and
  3. a “Secure” note in the Address bar of your browser.

If these three things are not present in your browser, then it’s most likely a phishing or fake COL website. Be warned!

Other useful articles you should be reading right now:

About the Author

blank

PSEi support seen at 6,200 and 6,000 amid weaker Peso

In a not-so-surprising move, the U.S. Federal Reserve (Fed) yesterday raised interest rates by 75 basis points (bps) or 0.75% in a bid to tame rising inflation in the United States. This was the third consecutive 0.75% rate hike by the Fed, which brings the federal funds rate, the central bank’s benchmark interest rate, to ... Read more
blank

Official SWIFT Code of BDO, BPI, Metrobank, Philippine banks

When sending cash remittances or wire transfer to a bank account in the Philippines (such as BDO, BPI, Metrobank, Landbank, DBP, etc.), you’ll surely need the SWIFT Code of the bank. Look no further because you can find all the SWIFT Codes you need in this list! Make sure you’re using the right bank code ... Read more
blank

How to Waive your Credit Card Annual Fee (BDO, BPI, Metrobank, RCBC, Citibank, UnionBank)

Without a doubt, one of the most annoying fees that credit cardholders have to pay is the annual fee. Majority of cardholders are familiar with this fee and majority of us likely pay this grudgingly year after year after year. In the case of my credit card with BPI (Bank of the Philippine Islands), I’m ... Read more
blank

Why Filipinos do not become business owners or entrepreneurs

For a majority of Filipinos, entrepreneurship does not seem to be a typical, expected path. This is not surprising, considering that in school, students are primarily taught to become employees after graduation. Students train for years to become staff workers, reporting to a supervisor, and just waiting to receive their wages or salaries every month. ... Read more
blank

My experience investing in Mutual Funds in the Philippines

I started investing in mutual funds when I was 22 years old. As an Overseas Filipino Worker (OFW) then, I was fortunate to be able to save some money at that young age because of my work abroad. One time while I was on vacation in the Philippines, I saw a large billboard in EDSA ... Read more
blank

Income Tax Tables in the Philippines (2022)

The Philippines’ new tax reform bill, known as TRAIN or Tax Reform for Acceleration and Inclusion, was signed into law on December 19, 2017 and its implementation began on January 1, 2018. What are the new income tax rates under the TRAIN law? How will TRAIN affect income taxes of individuals and corporations? How is the ... Read more
blank

PSE Stocks Performance under each Philippine President (1987-2021)

Did you know that Philippine stocks were able to achieve an astounding growth of 800% in a span of 30 years? From 1987 until 2018, the Philippine Stock Exchange index (PSEi) rose from 1,000 points to a peak of 9,000 points — generating a return of 800% over 30 years. (The PSEi is an index ... Read more
blank

SSL 2022: Salary Increases for Teachers, Nurses, Gov’t Employees

Good news to all government employees! There’s a new round of salary increases beginning January 1, 2022! Millions of employees of the Philippine government — including public school teachers, nurses and staff of government hospitals, and workers in local and national government agencies, etc. — will be getting an automatic salary adjustment this 2022 under ... Read more
blank

PSE Trading Hours in 2022: What time open, when closed?

Before you take the plunge into stock trading and investing, make sure you understand what stocks are and how the Philippine Stock Exchange (PSE) operates. Unlike other investments that are relatively safe, stock trading is risky and loss of money is a possibility. So before you deep dive into the exciting world of stock trading, ... Read more

Price Floor and Price Ceiling of PSE Stocks

Trading bands in the PSE come in two forms: Price Ceiling, or the upper price limit, and Price Floor, or the lower price limit.

Leave a Comment