PLDT’s wireless unit Smart Communications, Inc. (Smart) has reason to believe that foreign syndicates could be bankrolling text scams targeting Philippine telco customers.
“Based on our initial investigation and through our cooperation with law enforcement agencies and state investigators, it is highly possible that foreigners are behind the text scams that have plagued mobile users in the country. They are working with domestic operators to purchase prepaid SIMs in bulk and use these to send ‘smishing’ messages,” said Angel Redoble, FVP and Chief Information Security Officer of PLDT and Smart.
The study conducted by PLDT and Smart’s Cyber Security Operations Group (CSOG) revealed that the most recent smishing attacks are most likely being transmitted person-to-person and not through aggregators. Smart has increased its efforts to combat smishing’ attacks. Smart has canceled 167,000 SIM cards implicated in unlawful conduct between June and August.
Smart has lent its support to the recently passed in second reading SIM card registration measure sponsored by MPs. In the Philippines, prepaid SIM cards are frequently sold without the customer’s personal information.
While awaiting the measure’s enactment, Smart claims it is optimizing processes to quickly acquire relevant customer data and protect it at all levels. In addition, it is examining the weaknesses of other platforms that scammers may exploit after the rule goes into effect.
Additionally, Smart has welcomed the government-led inquiry into illicit behavior. It has been working closely with law enforcement and regulators to apprehend those responsible for the conduct.
“We need a whole-of-community approach. We are sharing relevant information with authorities to identify the perpetrators. We also need to find out how the criminals were able to amass mobile numbers so we can find a solution that will further protect personal data,” added Redoble.
Smart also urges customers to refrain from engaging scammers and to avoid clicking the links that are often found in these messages. Smart encourages customers to report smishing incidents and fraudulent activities to firstname.lastname@example.org.