Telecommunications firms have been ordered to block clickable person-to-person uniform resource locators (URLs) from malicious sites in a heightened move by the National Telecommunications Commission (NTC) to fight smishing.
In an order Monday, Sept. 12, the NTC ordered Dito Telecommunity Corp., Globe Telecoms Inc, and Smart Communications to “block or deactivate domains or URLs, TinyURLs, Smart Links and/or QR Codes emanating from malicious sites” based on existing database culled from government agencies such as the NTC, National Privacy Commission (NPC), DTI, law enforcement agencies, subscriber reports and those generated from machine learning or artificial intelligence.
Telcos were also so directed to submit a written report of compliance to the NTC Commissioner on or before Sept. 16, 2022.
For its part, the NPC ordered the three telco service providers earelier to submit a comprehensive audit report which shall include an examination of their respective distributor frameworks for their Subscriber Identity Modules (SIM cards) used in smishing messages that contain the names of recipients.
Privacy Commissioner John Henry D. Naga said the ongoing investigation involves close coordination between telecommunication companies and government authorities such as the NTC.
In addition, the NPC order directs the three telcos to report on all the mobile phone numbers involved in the smishing messages; the distributors and/or entities from where the involved numbers were distributed; the individuals and/or entities where the mobile phone numbers were disclosed by the Distributors; and other information that may aid the NPC in its ongoing investigation.
The telcos have been given a period of ten days to comply. The complaints and Investigation Division of the NPC will also evaluate the telcos’ submissions and probe further.
As part of its next steps, the NPC will convene a meeting with representatives from the Telcos, and government agencies which include, the NTC, the Cybercrime Investigation and Coordinating Center, the Philippine National Police, and the National Bureau of Investigation next week, Sept. 13. The Commission prompts the public to immediately report incidents of targeted smishing at [email protected].
“The Commission is proactively investigating the matter to identify the causes, and implement all possible solutions to mitigate, if not eliminate, the threats and risks brought by targeted smishing messages,” stated the NPC.
“We will relentlessly protect the Filipino against any unscrupulous attempt to take advantage of our personal data. We urge the full cooperation of all stakeholders involved, including the Telcos, our partners in the government, and the public, to bring this matter to a full conclusion,” said Naga.