Millions of Filipinos are scrambling to register their SIM cards before a July 25 deadline set by the government or risk losing their mobile services. But as the clock ticks down, cybercriminals are ramping up their phishing attacks, sending fake SMS messages to trick users into giving up their personal information and account access.
According to the Department of Information and Communications Technology (DICT), only 61.94% of the 168 million SIM cards in the country have been registered so far, leaving less than 40% of Filipinos vulnerable to deactivation and phishing scams. Phishing is a form of social engineering that uses deceptive emails or texts to lure victims into clicking on malicious links or attachments, or divulging sensitive data such as passwords, bank details, or one-time passwords (OTPs).
Palo Alto Networks warns that phishing attacks are a persistent and dangerous threat that can lead to identity theft, financial loss, or account compromise. The company advises users to be vigilant and cautious when receiving messages from unknown or suspicious sources, especially those claiming to be from their telecom providers.
“Phishing attacks will persist as the SIM card registration deadline draws nearer. Cybercriminals’ primary goal is to seize control of your number and exploit your OTPs to steal your money,” said Steven Scheurmann, Regional VP for ASEAN at Palo Alto Networks. “To stay safe, it’s crucial to think before you click and remain vigilant whenever you need to share sensitive information. Embracing the Zero Trust principle and granting the least privilege to your personal data can significantly bolster your defenses against phishing threats.”
Palo Alto Networks shares some tips on how to protect oneself from phishing attacks as the SIM card registration deadline approaches:
- Exercise caution when presented with unknown links: Be wary of links received from unfamiliar numbers or sources, especially those claiming to be from your telecom provider. Avoid clicking on suspicious links, as they may lead to fraudulent websites designed to steal your personal information.
- Scrutinize links for anomalies: Check for misspellings or unusual URLs in the links provided. Phishers often employ tactics such as using slight variations of genuine domain names to deceive users.
- Research official SIM registration procedures: Familiarize yourself with your network provider’s legitimate process for SIM registration. This will help you distinguish between genuine communications and phishing attempts.
- Stay informed on security measures: Some telecom providers and other organizations, such as banks, proactively block links via SMS to combat phishing attacks. Stay up-to-date with the security measures implemented by your trusted apps or organizations to enhance your protection.
- Leverage Multi-Factor Authentication (MFA): Activating MFA provides an extra layer of security, acting as a vital firewall for your devices during this heightened risk period.
The DICT has clarified that there will be no further extension for SIM card registration in the Philippines, citing national security and public safety reasons. Users who fail to register their SIM cards by July 25 will have their mobile services deactivated until they comply with the requirement.
The DICT urges users to register their SIM cards as soon as possible through their network providers’ official channels, such as websites, apps, or authorized outlets.
- SMART/TNT/PLDT Home WiFi: simreg.smart.com.ph
- GLOBE: new.globe.com.ph/simreg
- DITO: https://digital.dito.ph/pto/download/app
Users can also verify their registration status by contacting their network providers’ customer service hotlines.