Smart Communications is working with the Philippine National Police (PNP) and the National Bureau of Investigation (NBI) to dig deeper into the recent text scams that have been plaguing the public.
There has been an increase of smishing attacks or spam messages with the full names of the intended victims. Based on the investigation conducted by Smart’s Cyber Security Operations Group (CSOG), the messages are being sent by individual SIMs and do not come from aggregators or their clients.
“There’s no recent cybersecurity incident that may have allowed criminals to breach our infrastructure and steal customer data to be targeted in their fraudulent activities,” said Angel Redoble, FVP and Chief Information Security Officer of PLDT and Smart. “We believe that the recent smishing attacks are being perpetrated by local operators. We continue to work with law enforcement agencies to track down the criminals.”
Based on Smart’s close coordination with the PNP and the NBI, the culprits may have used a popular e-wallet and an online messaging platform to harvest the names of subscribers.
“Our initial investigation showed that criminals may have acquired or bought the data from different establishments. Then, they ran the mobile numbers on GCash and Viber to get the names of the subscribers and use them on their messages,” said Christopher M. Paz, Chief of the NBI Cybercrime Division.
Redoble clarifies that the infrastructure of GCash or any digital wallet remains secure and has not been compromised. Instead, criminals are now using such platforms to determine if the names of would-be targets. In the case of GCash, for example, it is being used to check if the mobile numbers are subscribed to the platform. Other possible sources of names include mobile loan applications, which are designed to extract personal information from smartphones.
Smart continues to intensify its campaign against smishing, blocking more than 11 billion attempts to open links associated with spam messages from January to August of this year. This was made possible by the company’s efforts to prevent access to more than 9,000 Uniform Resource Locators (URL) tied to the illegal activity.
Complementing this strategy is Smart’s SMS Firewall Blocking that has prevented more than 300 million malicious messages from reaching its customers in the first eight months of the year. Smart further shored up its defenses against spams, hoaxes, and smishing activities by blacklisting around 167,000 listed accounts that have been found to be sources of these fraudulent messages.
Smart’s efforts to detect and block malicious messages, including SIMs and websites tied to fraudulent activities, are part of a much broader program to elevate the quality of customer experience by protecting them from threats and attacks.
To find out how you can protect yourself from smishing scams, go here: Stay safe from smishing scams: Delete text messages with suspicious links from unknown numbers.