Following the sudden rise of SMS spam or unsolicited text messages, PLDT and Smart Communications, Inc. (Smart) have launched an all-out information awareness campaign to remind the public to be extra vigilant of suspicious text messages and new methods of cyber fraud.
Scamming techniques have evolved over time, making spam-based SMS fraud not easily recognizable by mobile users. As advocates of strengthening their customers’ cybersecurity defenses, PLDT and Smart, through the Cyber Security Operations Group (CSOG), have identified the processes behind the surge of fraudulent messages.
“The recent SMS spamming activities are specific to job hiring. If mobile users open the link from any of these scam text messages, they will be redirected to the WhatsApp platform, in which they will be offered an attractive salary package, ranging from P500 to P10,000,” said Angel Redoble, PLDT and Smart’s Chief Information Security Officer, who likened this scheme to ‘digital pyramiding.’
Misled users are first prompted to provide their personal information and to open an account in a platform managed by the scammer. In this channel, interested job applicants are lured to deposit cash, from which they will be receiving a percentage as commission. However, once the investments have added up to huge quantities, the individual will no longer be able to withdraw his or her commission pay and will be notified to access the Telegram app for cash transactions in bigger amounts.
PLDT and Smart have designed Indicators of Compromise (IOC) to identify such malicious activities and to address potential cyber threats to the network. Through a multiple-layer blocking system, CSOG protects subscribers by flagging mobile numbers, domains, and IP addresses that the system finds threatening.
As this new modus is proving to be a novel phishing scam, the Group advises the public to follow a number of precautionary measures to avoid becoming fraud victims. “If you receive these kinds of messages, do not follow the links because their company is not hiring people, and it is most likely a scam. You have to be paranoid with every suspicious email, link, or text message, as scammers not only take your information but also your hard-earned money,” said Redoble.
“This is not just a spray and pray operation. It’s well-organized, targeted, and is apparent in other countries as well,” he added.
PLDT and Smart have reinforced their collaboration with government agencies National Telecommunications Commission (NTC), Department of Trade and Industry (DTI), and the National Privacy Commission (NPC) in stamping out text-based phishing scams and other types of cyber attacks.
