Smart Communications Inc. has come to the aid of the mobile wallet of its rival Globe Telecommunications on the recent text scams targeting the public.
Based on its close coordination with the Philippine National Police and the National Bureau of Investigation which ran simulation tests on the scam, Smart said the culprits may have used a popular e-wallet and an online messaging platform to harvest the names of subscribers.
“To clarify, the infrastructure of GCash or any digital wallet has not been compromised. The criminals simply checked the mobile numbers if they are subscribed to the platform,” Redoble said.
He said scammers may have found a way to automate the harvesting of names from different sources.
Another possible source, Redoble said, are some mobile loan applications that are designed to extract personal information from smartphones where they have been installed.
NBI cybercrime division Christopher Paz said initial investigation showed that criminals may have acquired or bought the data from different establishments.
“Then, they ran the mobile numbers on GCash and Viber to get the names of the subscribers and use them on their messages,” Paz said.
Several netizens complained about receiving spam messages containing their full names or similar to their GCash usernames.
Smart said it continues to dig deeper into the recent text scams, with investigation conducted by its Cyber Security Operations Group (CSOG) showing that the messages are being sent by individual SIMs and do not come from aggregators or their clients.
“There’s no recent cybersecurity incident that may have allowed criminals to breach our infrastructure and steal customer data to be targeted in their fraudulent activities,” Redoble said.
“We believe that the recent smishing attacks are being perpetrated by local operators. We continue to work with law enforcement agencies to track down the criminals,” he added.