PLDT, Smart step up anti-SMS spam war, block more than 200 domains over weekend

PLDT, Smart ramp up efforts to prevent customers from falling prey to the infamous SMS scam or smishing.

Over the weekend, the Group blacklisted 200 more domains linked to the illegal operation upping the total to more than 400. These efforts prevented more than 16,000 attempts to open websites being used by fraudsters to rob victims in the SMS-initiated investment scam since Wednesday, November 24, 2021.

“Fraudsters ask you to register on these websites and link your mobile wallet. Just like digital pyramid schemes, they entice you to progressively invest bigger amounts by dangling bigger commissions. But after some time, they’ll hostage your investment preventing you from cashing out your money unless you put in more money,” warned Angel T. Redoble, Chief Information Security Officer of PLDT and Smart’s Cyber Security Operations Group.

The Group’s Cyber Security Operations Group had earlier engaged the syndicate to dive deeper into their operations. Believed to be run by a globally organized criminal organization, the scheme starts with an SMS offering jobs. These messages usually ask customers to click the link to a WhatsApp account.

“The SMS are being sent by syndicate members operating locally. Once customers tap on the WhatsApp link, they are brought to a chat room where fraudsters based in another country engage them in real-time,” explained Redoble.

The Group has likewise notified web hosting companies about fraudulent domains that are scamming Filipinos. Additionally, in the month of November alone, Smart has blocked at least 19,000 mobile numbers believed to be tied to the illegal operation.

Redoble urge customers to be cautious about messages or calls from unknown individuals, “Be suspicious of job offers when you haven’t applied for one or of winning the grand prize in a raffle that you don’t remember joining. The bottom line is, they are going to steal your money. And we have proven that.” 

Aside from collaborating with banking institutions, e-commerce firms, and other telecommunications companies in coming up with a unified strategy, the Group is also working closely with the Department of Trade and Industry, National Telecommunications Commission, and the National Privacy Commission in addressing the issue.

To report suspicious and unsolicited text messages to PLDT and Smart’s Cybersecurity and Operations Group, mobile subscribers may send an email to cybersecurityincidents_customers@smart.com.ph