Scammers use GCash, Viber platforms -- NBI


Local fraudsters used a popular e-wallet, GCash, and Viber, an online messaging platform, to harvest the names of subscribers in the latest scams plaguing the public, according to the National Bureau of Investigation (NBI).

“Our initial investigation showed that criminals may have acquired or bought the data from different establishments. Then, they ran the mobile numbers on GCash and Viber to get the names of the subscribers and use them on their messages,” stated Christopher M. Paz, chief of the NBI Cybercrime Division.

However, the infrastructure of GCash or any digital wallet has not been compromised, clarified Angel Redoble, FVP and Chief Information Security Officer of PLDT and Smart.

The telcos' Cyber Security Operations Group (CSOG) is coordinating with the Philippine National Police (PNP) and the NBI who ran simulation tests on the scam.

“The criminals simply checked the mobile numbers if they are subscribed to the platform. The scammers seem to have found a way to automate the harvesting of names from different sources," he explained.

"Another possible source are some mobile loan applications that are designed to extract personal information from smartphones where they have been installed,” Redoble added.

Investigators established that the smishing attacks are being sent by individual SIMs and do not come from aggregators or their clients.

“There’s no recent cybersecurity incident that may have allowed criminals to breach our infrastructure and steal customer data to be targeted in their fraudulent activities,” Redoble maintained.

“We believe that the recent smishing attacks are being perpetrated by local operators. We continue to work with law enforcement agencies to track down the criminals.”

Smart continues to intensify its campaign against ‘smishing’, blocking more than 11 billion attempts to open links associated with spam messages from January to August of this year.

This was made possible by the company’s efforts to prevent access to more than 9,000 Uniform Resource Locators (URL) tied to the illegal activity.

Complementing this strategy is Smart’s SMS Firewall Blocking that has prevented more than 300 million malicious messages from reaching its customers in the first eight months of the year.

Smart further shored up its defenses against spams, hoaxes, and smishing activities by blacklisting around 167,000 listed accounts that have been found to be sources of these fraudulent messages.

PLDT and Smart have been fortifying their cybersecurity infrastructure, investing nearly ₱3 billion in 2021, to safeguard the public against emerging cyber threats and vulnerabilities.

Globe Telecom Inc. for its part, has spent $20 million or roughly P1.1 billion in capital expenditures todate to boost its capabilities in detecting and blocking scam and spam messages of international and domestic sources, including app-to-person and person-to-person SMS.

“At a time of aggressive cybercriminal activity amid growing digitalization, Globe asserts that the public, government and industry players, including telcos, are all victims of these illegal acts. It is, thus, a shared fight among all of us to beat our common enemy, which is cybercrime,” says Anton Bonifacio, Globe Chief Information Security Officer.

Globe also maintains a 24/7 security operations center, with over 100 people working tirelessly to detect attacks, breaches and spam and text messages.

Through these efforts, the company was able to block 784 million scam and spam messages from January to July this year, deactivated 14,058 scam-linked SIMs and blacklisted 8,973 others. Globe also blocked 610 domains or URLs.

"We work closely with the National Telecommunications Commission and the Data Privacy Commission to crack down on cybercriminals and protect data privacy," says Bonifacio.

"GCash also coordinated with law enforcement agencies such as the Philippine National Police–Anti-Cybercrime Group and the National Bureau of Investigation Cybercrime Division on reported scamming incidents, which have led to arrest and prosecution."

To date, GCash was able to block 900,000 fraudulent accounts from January 2021 to March 2022 as well as helped arrest fraudsters.

Likewise, Globe partnered with banks and online retailers for threat intelligence and data sharing to boost multi-industry shared efforts against cybercriminals.