Pressure mounts on telcos to combat text scams

Shared efforts among stakeholders sought

THE country’s major mobile operators, which are under greater pressure to address the worsening text scams, are seeking shared stakeholder efforts.

“At a time of aggressive cybercriminal activity amid growing digitalization, Globe Telecom, Inc. asserts that the public, government and industry players, including telcos, are all victims of these illegal acts,” Globe Chief Information Security Officer Anton Reynaldo M. Bonifacio said in an e-mailed statement on Tuesday.

“It is, thus, a shared fight among all of us to beat our common enemy, which is cybercrime,” he added.

Former Privacy Commissioner Raymund E. Liboro has said that the “privacy panic” should prompt regulators to look into the operations of mobile operators.

“This is very alarming,” he said in an appearance on One News PH’s Agenda program on Monday.

“These personalized messages are targeting individuals and they know these individuals. What is even worrisome is that they are targeting kids,” he added.

Various mobile phone users have reported receiving unsolicited or scam text messages that contain their names.

Globe said it has established “stringent measures” to ensure that customers’ data are protected against any breach.
“The company was able to block 784 million scam and spam messages from January to July this year,” Globe said, adding that it also blocked 610 domains or URLs.

“We work closely with the National Telecommunications Commission and the National Privacy Commission in pursuit of our common goal to crack down on cybercriminals and protect data privacy,” Mr. Bonifacio said.

“GCash also coordinated with law enforcement agencies such as the Philippine National Police–Anti-Cybercrime Group and the National Bureau of Investigation Cybercrime Division on reported scamming incidents, which have led to arrest and prosecution,” he added.

DATA SOLD
The culprits might have used a “popular e-wallet and an online messaging platform to harvest the names of subscribers,” Smart said separately, citing an investigation with the Philippine National Police (PNP) and the National Bureau of Investigation (NBI).

“Our initial investigation showed that criminals might have acquired or bought the data from different establishments. Then, they ran the mobile numbers on GCash and Viber to get the names of the subscribers and use them on their messages,” Christopher M. Paz, chief of the NBI Cybercrime Division, was quoted as saying.

PLDT, Inc. and Smart Communications, Inc. First Vice-President and Chief Information Security Officer Angel T. Redoble said: “To clarify, the infrastructure of GCash or any digital wallet has not been compromised.”

“The criminals simply checked the mobile numbers if they are subscribed to the platform. The scammers seem to have found a way to automate the harvesting of names from different sources. Another possible source also are some mobile loan applications that are designed to extract personal information from smartphones where they have been installed,” he added.

Mr. Redoble also noted that the recent smishing attacks could have been perpetrated by local cyber criminals.

“We continue to work with law enforcement agencies to track down the criminals.”

Smart said it continues to intensify its campaign against the attacks. The company managed to block “more than 11 billion attempts to open links associated with spam messages from January to August of this year.”

Senator Sherwin T. Gatchalian has filed a resolution seeking to investigate the “rampant” personalized text scams. 

“It is alarming that while major telecommunication providers claim to have already blocked a significant number of spam and phishing text messages, the problem continues to hound many telecommunication subscribers,” he said on Monday.

For his part, Senator Emmanuel Joel J. Villanueva said the data leak might not only lessen the trust in telcos, but also “our trust in every company or agency that we give personal data to.”

He has filed Senate Bill 366 or the Anti-Spam bill, which imposes a fine of as much as P100,000 for sending misleading links and collecting personal information without consent.

Hastings Holdings, Inc., a unit of PLDT Beneficial Trust Fund subsidiary MediaQuest Holdings, Inc., has a majority stake in ���ܲ����Ա�����´ǰ�������through the Philippine Star Group, which it controls. — Arjay L. Balinbin and Ashley Erika O. Jose