MANILA - A new text scam wherein criminals disguise themselves and their mobile numbers as reputable institutions to steal personal information is being investigated by the National Privacy Commission.
The NPC on Thursday said it is working with telco providers to immediately address a new form of text scam that is different from smishing which uses prepaid SIM numbers.
“Nakikipag coordinate na po kami sa mga telcos para malaman exactly kung ano ang nangyayari kasi, dahil nga gumagamit na sila ng sender ID ng mga reputable companies," Deputy Privacy Commissioner Leandro Aguirre said.
(We are coordinating with telcos to know exactly what is happening since the scammers are using sender ID of reputable companies)
“Panibagong pamamaraan na naman ito. Gumagamit na sila ng data aggregators dito, hindi na katulad ng prepaid numbers na kung saan saan na lang," he added.
(This is new since they're using data aggregators)
Data aggregators are defined by the NPC as possibly legal entities tapped by companies to act on their behalf in dealing with telcos. They are tapped for activities such as text blasting promotions and other company messages to customers.
ABS-CBN was able to obtain screenshots of these new smishing attacks, which appear to have been sent by known healthcare providers or banks.
These scam texts contained links, the use of which was banned by the Bangko Sentral ng Pilipinas and the National Telecommunications Commission to help consumers easily identify suspicious messages.
Aguirre said the NPC is trying to identify the said data aggregators involved. Those identified and are proven to have violations are being blocked, he added.
On the SMS-linked or smishing, the NPC said investigations are still ongoing.
Meanwhile, the NPC said it is ready to collaborate with the Department of Information and Communications Technology, and the Department of Trade and Industry in the formation of the implementing rules and regulations for the SIM registration bill.
The measure, which was approved by both the House of Representatives and the Senate, could soon be passed into law since the bicameral committee has agreed on some conflicting provisions, Senator Grace Poe said.
Among the agreed provision is the dropping of the word "card" to include all iterations of the SIM moving forward.
Based on the bicameral committee report, telcos will be in charge of registering new and existing SIM within 180 days of the effectivity of the law.
New SIMs will only be activated upon registration, the measure proposed.
Aguirre said once all SIMs are registered, the fight against cybercrimes would be more effective.
"Madali na po natin ma-access at macorrelate ang prepaid sim na ginamit don sa kung kanino man naka rehistro to," he said.
(It would be easier to access and correlate prepaid SIMs from whom they were registered)
Telcos and cybersecurity experts have agreed that the mandatory registration of SIM cards would help reduce or even eradicate SMS-linked scams.