Scammers Use GCash, Viber Platforms – NBI – Manila Bulletin

According to the National Bureau of Investigation (NBI), local scammers used a popular e-wallet, GCash, and Viber, an online messaging platform, to collect subscribers’ names in the latest scams plaguing the public.

“Our initial investigation revealed that criminals may have acquired or purchased the data from various entities. Then they ran the cellphone numbers on GCash and Viber to get the subscribers’ names and use them in their messages,” said Christopher M. Paz, head of the NBI’s Cybercrime Division.

However, the infrastructure of GCash or any digital wallet was not compromised, clarified Angel Redoble, FVP and Chief Information Security Officer of PLDT and Smart.

The telecom companies’ Cyber ​​Security Operations Group (CSOG) is coordinating with the Philippine National Police (PNP) and the NBI, which have been conducting simulation tests on the scam.

“The criminals simply checked cell phone numbers to see if they subscribed to the platform. The scammers appear to have found a way to automate the collection of names from various sources,” he explained.

“Another possible source is some mobile lending applications designed to extract personal information from smartphones on which they have been installed,” Redoble added.

Investigators found that the smishing attacks are sent from individual SIMs and do not originate from aggregators or their customers.

“There hasn’t been a recent cybersecurity incident that has allowed criminals to penetrate our infrastructure and steal customer data to target them in their fraudulent activities,” said Redoble.

“We believe recent smishing attacks are being carried out by local operators. We continue to work with law enforcement to track down the criminals.”

Smart continues to ramp up its anti-smishing campaign, blocking more than 11 billion attempts to open links associated with spam messages from January through August this year.

This was made possible by the company’s efforts to prevent access to more than 9,000 Uniform Resource Locators (URL) linked to the illegal activity.

Complementing this strategy is Smart’s SMS firewall blocking, which blocked more than 300 million malicious messages from reaching its customers in the first eight months of the year.

Smart has further strengthened its defenses against spam, hoaxes and smishing activities by blacklisting around 167,000 listed accounts that have been identified as the sources of these fraudulent messages.

PLDT and Smart have strengthened their cybersecurity infrastructure, investing nearly £3 billion in 2021 to protect the public from emerging cyber threats and vulnerabilities.

For its part, Globe Telecom Inc. to date has spent $20 million, or approximately Pta.1.1 billion, of investments to improve its capabilities to detect and block fraud and spam messages from international and domestic sources, including app-to-person and person-to, improve -person SMS.

“At a time of aggressive cybercriminal activity amid increasing digitization, Globe claims that the public, government and industry, including telecom companies, are all victims of these illegal acts. It is therefore a common struggle between all of us to defeat our common enemy, cybercrime,” said Anton Bonifacio, Globe’s Chief Information Security Officer.

Globe also maintains a 24/7 Security Operations Center where over 100 employees work tirelessly to detect attacks, security breaches, and spam and text messages.

Through those efforts, from January to July this year, the company was able to block 784 million scam and spam messages, disable 14,058 fraud-linked SIM cards, and blacklist 8,973 others. Globe also blocked 610 domains or URLs.

“We work closely with the National Telecommunications Commission and the Data Privacy Commission to crack down on cybercriminals and protect privacy,” says Bonifacio.

“GCash also coordinated with law enforcement agencies such as the Philippine National Police – Anti-Cybercrime Group and the National Bureau of Investigation Cybercrime Division for reported fraud incidents that have resulted in arrests and prosecutions.”

To date, from January 2021 to March 2022, GCash has been able to ban 900,000 fraudulent accounts and help arrest scammers.

Likewise, Globe has partnered with banks and online retailers to share threat intelligence and data to enhance cross-industry collaborative efforts against cybercriminals.



About Katie Curtis

Check Also

BSP braces for another jumbo rate hike to keep up with aggressive Fed

Ramon Royandoyan – November 3, 2022 | 10:42 a.m MANILA, Philippines – The Bangko …