PLDT, Smart report significant decrease in scammers’ new domains

The number of domains used by digital scammers have been decreasing for the past three days, as PLDT Inc. and its wireless unit Smart Communications, Inc. (Smart) have ramped up their awareness efforts and progressively blocked websites that lead people to fraudulent ‘job hiring’ schemes.

At the onset of this wave of SMS-based scam, PLDT and Smart’s threat intelligence, cybersecurity and cybercrime investigation units initially identified a minimum average of 25 unique domains daily; however, the numbers have begun to dwindle, with only 14 new domains recorded from December 3 to December 5.

Not only were the new domains hitting a downturn, but even the number of blocked attempts made by users to these websites declined from 21,112 last December 3 to only 8,902 on December 5. To date, the teams have already identified 192 suspicious domains and over 100,000 blocked attempts in total.

Despite the fraudsters’ new modus of herding potential victims to WhatsApp chat groups and hiring fluent Tagalog speakers as fake customer service representatives, the decreasing figures in the past three days show that Filipinos are now more vigilant and wary of such offers masked as employment opportunities.

“The scam operators used to engage the victims on a one-to-one basis, in which interested users are transacting with allegedly foreign individuals. Today, they have possibly been employing Filipinos to establish better communication with unsuspecting subscribers and luring them in the process,” said Angel T. Redoble, the Chief Information Security Officer of PLDT and Smart’s Cyber Security Operations Group.

Redoble speculated the many possibilities where personal data may have been collected, sold, and taken advantage of, saying, “One source of information theft is companies with hacked security systems. Another could be the data handling of online platforms that store consumer information. Also notorious for large databases of stolen information is the Dark Web, where there is a corresponding price for every personal data traded,” he said.

“The WhatsApp online messaging platform was also compromised this year, an incident where around two billion users were affected by the data breach. However, these are all just possibilities, as data can come from multiple sources virtually,” he added.

PLDT and Smart have intensified their awareness campaign against SMS phishing by sharing safety tips on social media and disseminating advisories to their subscribers by means of text messaging. Mobile users are urged to be vigilant at all times to avoid falling prey to such fraudulent schemes.

To report suspicious and unsolicited text messages to PLDT and Smart’s Cybersecurity and Operations Group, mobile subscribers may send an email to cybersecurityincidents_customers@smart.com.ph