Anton Bonifacio, chief information security officer (CISO) of Globe, and Angel Redoble, CISO of Smart/PLDT, and their teams of cybersecurity professionals are at the frontline fighting the scammers who continuously attack users by sending messages with malicious links via SMS.
Cybercriminals are amazingly creative in baiting recipients to click the malicious links embedded in text messages. This month, many users received text messages where the cybercriminals mentioned their names, making the scam message more believable. This new addition to scammers’ tricks makes recipients more likely to click on the link.
Director Rojun Hosillos and his Cybercrime Investigation Coordination Center (CICC) team at the Department of Information and Communications Technology (DICT) checked the latest spam text messages. They found that scammers want to bring recipients to gambling sites, fake social media login pages, and bogus banking websites.
Director Hosillos said cybercriminals have only one purpose, and that is to steal your money. They will also try to take over your social media account, but the end goal of the cybercriminals is money.
Bonifacio and Redoble, although coming from competing telcos, have the same mission: to defend their networks and ensure users’ safety by protecting them from attacks, including the problems cybercriminals bring to the internet and mobile phone users. Aside from SMS scams, Globe and Smart are also fighting cybercriminals who target children using the internet.
As early as July this year, Globe and Smart/PLDT have been blocking fraud links from their networks. Also, in January 2021, the two telcos blocked more than 5,000 sites to combat child exploitation. The latest figures show Smart/PLDT blocking 23 million scam text messages and more than 78,000 SIM cards used in scams and other criminal activities. On the other hand,
Globe blocked more than 784 million spam messages and deactivated more than 14,000 SIM cards linked to scams. Globe invested 2.7 million dollars in equipment and solution for its content filtering system. Smart/PLDT has built a ₱2 billion cybersecurity operations center to secure its users and combat fraud and scam. Everything is automated, and nothing passes through human scrutiny to protect the users’ privacy. But, even with these efforts, cybercriminals have found ways to circumvent some of the safety measures Globe and Smart have put into place; thus, we are now receiving spam text messages with malicious links.
Because of this, the National Telecommunications Commission of the Philippines ordered telcos to block links in text messages. Globe and Smart strongly supported the NTC’s order as they have been doing it already, even without the mandate. With the blocking of scam links, there will be a database of malicious links that telcos will block, so even if the SMS recipient clicks the link, what he will get is an error message, thus, protecting him from a possible scam. However, the NTC could go further by mandating telcos (what they are already doing) to block the SMS message so it would not reach the recipient’s inbox. With the sophisticated content filtering systems of Globe and Smart/PLDT, they could do it without checking the recipient’s number or the content of the message.
This is, however, just a band-aid solution. Blocking the link does not remove the content from the internet. Malicious sites will still be there, waiting for unsuspecting users to find them via links modified by the scammers. Also, blocking links will not stop the annoying spam messages users get.
Are we helpless? I asked Redoble, first vice president and Group CISO of PLDT and Smart, how we could effectively solve the issue of spamming and internet fraud. He said we need a “whole community approach” to stop cybercriminals from exploiting users.
“This is not just securing our system or the people near us. We need to secure the whole community by using the knowledge and experience of all of us in the community. This means engaging with individuals, government, and private sector to work together for a more secure online world.” Redoble said.
I fully agree with Redoble. The “whole community approach” to the issue of scams and internet fraud is the best solution that is available for us. While it is the responsibility of users to look out for themselves, the government and private sectors need to equip these users to make them ready to use the latest technology. It should also be the responsibility of users to cooperate with the private sector to prevent fraud and with the government to prosecute cybercriminals.
(Art Samaniego, Jr. is the head of Manila Bulletin IT Department and is the editor of Technews.)