Telcos caution against network-bypassing scams

The Philippine Chamber of Telecommunications Operators (PCTO) has expressed concern over the recent wave of scam messages sent to mobile users bypassing telecommunications networks.

In a statement, the PCTO urged greater collaboration among industry players, relevant government agencies, and stakeholders to effectively clamp down on emerging fraud methods.

“This new wave of scam messages is worrisome as fraudsters have resorted to methods that do not pass through telco networks, thus they are able to evade our already robust filters,” PCTO President and Globe General Counsel Atty. Froilan Castelo.

He noted that “Industry players and key stakeholders must work closely together to combat this trend. Let’s focus on finding ways to defeat our common enemy: scammers.”

Castelo said a noted rise in malicious messages sent out through methods outside the cellular network. This came about as telcos enforced stringent security measures against scams and spam SMS.

In particular, Globe started blocking all person-to-person SMS with links in September 2022 and later restricted app-to-person SMS.

Methods that evade telco networks include using over-the-top media services or chat apps, Rich Communication Services (RCS) chats for Android users and other Internet-based messaging platforms.

Through these means, fraudsters can send messages to target users even while using foreign mobile numbers.

Another persistent headache is using International Mobile Subscriber Identity (IMSI) catchers or fake cell towers to target mobile users within a particular area.

These portable devices simulate cell towers to intercept mobile communications within a particular area, allowing fraudsters to directly connect with SIMs and send them messages using imitated sender IDs, including official accounts. Called spoofing, this method also evades telco networks.

Spoofing is especially difficult for mobile users to detect as it allows fraudsters to send out SMS that appear to be official advisories from reputable sources, directing victims to malicious online pages through embedded clickable links.

To combat this, telcos like Globe earlier stopped using clickable links in its official customer advisories and also issued several reminders to customers to call for vigilance amid this rising scam trend.

Industry players are working with authorities to find a solution to spoofing, including cutting off the source by preventing the importation of spoofing devices.

PCTO renewed its call for vigilance against fraud, urging the public to never engage with unsolicited messages received via any platform.

“At the end of the day, the first line of defense for mobile users are themselves. Be vigilant and discerning against messages from unknown numbers, and never click on any link inside unsolicited messages. More often than not, these messages are meant to defraud you,” said Castelo.