PLDT’s wireless unit Smart Communications, Inc. (Smart) has reason to believe that foreign syndicates could be bankrolling text scams targeting Philippine telco customers.
“Based on our initial investigation and through our cooperation with law enforcement agencies and state investigators, it is highly possible that foreigners are behind the text scams that have plagued mobile users in the country. They are working with domestic operators to purchase prepaid SIMs in bulk and use these to send ‘smishing’ messages,” said Angel Redoble, FVP and Chief Information Security Officer of PLDT and Smart.
The investigation of PLDT and Smart’s Cyber Security Operations Group (CSOG) bared that the latest smishing attacks are most likely being sent person-to-person and do not originate from aggregators. Smart has intensified efforts against ‘smishing’ attacks. From June to August alone, Smart has deactivated 167,000 SIMs that were involved in the illegal activity.
Smart has thrown its support behind the proposed SIM card registration bill that was recently approved on second reading by lawmakers. Prepaid SIMs in the Philippines are often sold without getting the customer’s personal information.
While waiting for the measure to be enacted into law, Smart says it is streamlining process to efficiently collect relevant customer data and ensure that these are protected at all levels. It’s also checking vulnerabilities of other platforms that might be exploited by scammers once the law takes into effect.
Smart has also welcomed the government-led joint investigation into the illegal activity. It has been closely coordinating with law enforcers and regulators to net the persons behind the modus.
“We need a whole-of-community approach. We are sharing relevant information with authorities to identify the perpetrators. We also need to find out how the criminals were able to amass mobile numbers so we can find a solution that will further protect personal data,” added Redoble.
Smart also urges customers to refrain from engaging scammers and to avoid clicking the links that are often found in these messages. Smart encourages customers to report smishing incidents and fraudulent activities to cybersecurityincidents@smart.com.ph.
Smart’s efforts to help curb mobile-based fraudulent activities are part of a much broader program to elevate the quality of customer experience by protecting them from threats and attacks.