The Department of Information and Communications Technology revealed on Sunday that it is reaching out to its international counterparts to trace the origins of personalized text scams and unsolicited messages which might have come from sources abroad.
DICT Undersecretary Alexander Ramos said in an interview that they already have leads where the text scams are originating.
"Our theory here is that it is not local; it's just a coincidence that the system is almost automated. This is not only happening in the Philippines, but it is also happening in other countries so it's a bigger effort, a bigger investigation to identify these destination sites," Ramos said.
The DICT undersecretary — who also sits as executive director of the Cybercrime Investigation and Coordinating Center — added that investigations did not find any hacking incidents in local servers.
According to Ramos, the DICT will also look into SIM cards bought in bulk to trace where the text spam might come from.
"That's one of the ways to trace what was ordered from the telco companies, they should provide us the list of their dealers. That's one of our leads in the direction where these SIM cards can be used," Ramos said.
The National Privacy Commission also noted that the recent wave of targeted smishing messages "appear to have been sent using specific mobile numbers registered to certain texting services."
It said smishing messages sent using mobile numbers are possible through a phone-to-phone or P2P transmission. It is usually coursed via a telecommunication company's regular network and does not pass through data aggregators.
"Nonetheless, NPC has been continuously investigating potential sources and the root cause of targeted smishing messages such as patterns in the use of name formats that prospectively match the names of data subjects registered with popular payment applications, mobile wallets, and messaging applications," the NPC said.
While the government authorities are still investigating these incidents, telco firms are now feeling the pressure to do their part.
Globe Telecom Inc. said it has spent $20 million or roughly P1.1 billion in capital expenditures to boost its capabilities in detecting and blocking scam and spam messages of international and domestic sources, including app-to-person and person-to-person SMS.
The company said it blocked about 784 million scams and spam messages from January to July this year; deactivated 14,058 scam-linked SIMs and blacklisted 8,973 others. Globe also blocked 610 domains or URLs.
PLDT and Smart, on the other hand, have been ramping up their cybersecurity infrastructure. It invested nearly P3 billion in 2021 to protect the public from emerging cyber threats and vulnerabilities.
Smart's SMS Firewall Blocking has prevented more than 300 million malicious messages from reaching its customers in the first eight months of the year. The telco further shored up its defenses against spam, hoaxes, and smishing activities by blacklisting around 167,000 listed accounts that are sources of these fraudulent messages.
