Cyber criminals run rampant via SMS, prey on Filipinos in need of jobs

MANILA, Philippines—Have you recently received a text message claiming to be from a company representative or a human resource manager, offering you a part-time or work-from-home job that could help you earn tens of thousands of pesos per month?

Those text messages usually go like this:

“Dear, I am a human resources manager. You have been selected for a part-time/full-time job. Now you can reach P800-P10,000/day,” including an attached link, which the sender will ask you to click or open to proceed with the application process.

If these offers seemed to be too good to be true, they are.

But the criminals behind the scheme know the vulnerabilities of Filipinos nowadays–jobs.

Some individuals who are in desperate need of income after losing their jobs because of the still ongoing COVID pandemic would find these offers, albeit fraudulent, very enticing.

According to the Philippine Statistics Authority (PSA), the country’s unemployment rate rose to 8.9 percent—around 4.25 million jobless Filipinos—just this September

The rate was the highest since January this year.

READ: PSA: Number of unemployed Filipinos rises to 4.25M in Sept. 2021

In this article, INQUIRER.net will explain the details behind these dubious job offers and how the public can protect itself from the criminals preying on the desperation of people to find employment.

Surge of ‘job offers’

On Nov. 22, Sen. Joel Villanueva flagged social media posts about complaints on the surge of text scams that have been bombarding random mobile phone numbers with dodgy job offers.

“This is the new budol in town,” Villanueva said in a statement, referring to a fraud scheme in which victims are offered high returns in exchange for cash or valuables.

The senator described the apparent “robo texts being blasted” as a “variant of fake news” and warned that it is something that “many people can fall for.”

“In a nation where unemployment and digital disinformation are high, these kinds of messages can mislead many. A lot of our fellow citizens, especially those looking for work, will be swindled by this,” Villanueva said.

READ: Villanueva asks privacy body to probe ‘epidemic’ of shady job offers via text

Malacañang on Nov. 23 said the text blasts offering fake jobs is a “cause for concern” for both the government and the public since it is considered a violation of privacy.

READ: Palace: Spam texts on fake job offers ‘cause for concern’ as privacy issue

Graphic by Ed Lustan

Below are some other examples of the text messages sent by unknown numbers, offering heaps of money per month. Authorities should take note of the phone numbers and get help from telecommunications companies to trace their users.

How these scams work

These types of shady job offers sent through text messages, which instructs unknowing individuals to click a link, are considered as “smishing”—a combination of SMS (short message service) and phishing —a variation of phishing through which mobile phone users are tricked into sharing private information.

“Smishing is a type of phishing attack that targets victims through mobile text messaging or SMS,” said the National Privacy Commission (NPC).

“Smishing attacks occur when threat actors send text messages to trick subscribers into clicking malicious websites,” the NPC added.

According to the commission, the links included in the unsolicited messages could redirect the victim to legitimate-looking but fraudulent websites.

The NPC said these sites may steal the victim’s personal data, introduce mobile malware, and even commit fraud, among other schemes.

“One smishing scenario involves the activation of a dummy Facebook account. The text message sent to a user contains a code and a shortened link that, when clicked, binds the recipient’s mobile number to the dummy account,” the commission said in a bulletin released on Oct. 7.

According to PLDT Inc.’s Smart Communications, these links could lead to a site or platform where the victim or subscriber would be asked to create an account.

READ: Smart warns subscribers vs text messaging scams, SIM swapping

“Upon creating your account, you will receive a small sign-up bonus. You will then be asked to remit varying amounts starting from as low as Php200 from which you will earn a corresponding ‘commission.’ The higher the amount you pay, the higher your commission will be,” said Smart.

“The amounts continue to increase until such time the scammer will no longer remit the commission,” the company added.

Where did it come from?

Some people have expressed concern that the scam text surge might have used the contact numbers and details submitted for contact tracing.

Last month, the NPC said it has received reports of similar unsolicited SMS messages received by mobile phone users, which were allegedly mined from the contact information that the users provided in COVID-19 contact tracing and health declaration forms.

However, in a statement released on Nov. 23, Privacy Commissioner Raymond E. Liboro said initial investigation by the NPC found that the recent smishing activities were “run by a global crime syndicate, not by a group that has gained unauthorized access to contact tracing forms.”

“If our initial findings prove true, that personal data is being exploited by criminals abroad, then this also becomes a matter of national security, which should compel government, the private sector and advocate groups to work hand in hand and take more urgent and concrete action to safeguard,” Liboro said.

At a Laging Handa press briefing last Nov. 23, Liboro said the commission has not found any direct evidence that could prove that the numbers used in the scam had been obtained from contact tracing forms.

He added that these kinds of scams also occur in countries outside the Philippines.

“This is a big scam. Based on our monitoring, it does not only happen in the Philippines but also in other countries. It is done by an organized syndicate,” he said.

READ: NPC: Spam messages come from global syndicate, not from contact tracing forms

Probe against smishing

The NPC said it has summoned the data protection officers of the major telecommunication companies in the country—Globe Telecom, Smart Communications, Dito Telecommunity—and online shopping sites Lazada, Shopee and several banks “to report on their spam prevention measures and further steps to combat the recent surge of scam texts that have been soliciting and misusing personal information.”

“We have summoned them to detail their current and future measures to combat smishing. Ultimately, we want to secure their commitment and focus in fighting these fraudulent practices so we can best strategize how to block these messages and protect our data subjects,” Liboro said.

In a memorandum dated Nov. 19, the National Telecommunications Commission (NTC) has also ordered all telecommunication companies to warn their subscribers against the criminal scheme.

The memorandum instructed all telecommunication companies to send out a “text blast” with the following proposed warning:

“WARNING! Don’t believe the text that supposedly offers jobs. Please do not provide personal information. This is a scam.”

READ: NTC orders telcos to warn subscribers against spam texts

Globe Telecom, one of the telco giants in the country, said it has been closely monitoring the spam messages sent to its subscribers amid the rising cases of scam texts.

According to the company, its cybersecurity team has already deactivated around 5,670 spam numbers and has blocked at least 71 million messages this year.

“We take unsolicited and fraudulent messages seriously, and protecting Globe customers from these scams remains a top business priority,” Anton Bonifacio, Globe chief information security officer, said in a statement.

READ: Globe Telecom cracks down on deluge of spam messages

Smart Communications likewise warned its subscribers about “SIM swapping” or “SIM take-over,” a modus where somebody tries to transfer a subscriber’s SIM mobile number to another SIM through social engineering techniques.

Abiso sa SIM Take-Over

Sa kabila ng napabalitang SIM swapping scam sa telco industry, nais po naming ipabatid na ligtas po ang inyong data sa amin. #CyberSmart pic.twitter.com/SbNxSHXvqO

— Smart Newsroom (@SmartNewsroom) November 3, 2021

Liboro assured the public that the telco companies are already removing domain names that were linked or embedded in the spam text messages.

He also added that banks and financial technology (fintech) companies are finding ways to freeze the accounts of scammers and their accomplices where some victims have sent their money.

READ: Telco firms now removing linked domain names in spam messages, says NPC

Protect yourself from smishing

Globe has previously issued some details to look for in order to identify when a text message is legitimate or when it is a scam.

According to the telco company, text scams could have any of the following details:

• The sender of the message comes from an 11-digit mobile number.
• Some amount of money is involved or sending a message to another number.
• Winning alleged raffle prizes.
• Relatives in trouble abroad.

READ: 5 signs a text message is a scam

Smart Communications, on the other hand, advised its subscribers to be vigilant against mobile messaging scams.

The telco company has told the public to:

• never entertain questions/surveys from unknown senders
• never provide personal information to strangers
• use their text messaging app’s built-in blocking feature
• report incidents to the NTC via https://ntc.gov.ph/complaint.

The NPC told data subjects to always scrutinize the messages they receive and not easily believe lofty promises of easy, passive income opportunities and high-paying jobs.

“If from an unknown number, and with an offer that is too good to be true, it is most probably not true and is a scam,” Liboro said.

In a bulletin posted last month, the NPC listed some precautionary measures to avoid falling prey to smishing and other similar scams. These include:

• Do not click links of services you did not sign up for and be cautious with shortened links.
  “A URL shortening service is an online tool that allows users to create a short and unique website link. These URL shortening services may be used by threat actors to conceal their malicious links.”
• Always remember that malicious links require an action from you, such as filling out online forms with your personal or financial information.
• Do not open in-app links.
• Block, filter, and report unsolicited messages from unknown senders.

TSB