NPC tracking sources of texts on job scams
MANILA, Philippines — The National Privacy Commission (NPC) is pushing to track the owners of the numbers used in either calling or texting millions of Filipinos, which have been behind the scams that offered either jobs or investment schemes.
The NPC said in a statement that it wants to push for a call and text attestation, which essentially means tracing the owner of a number used in calling or sending texts since these are listed in a registry.
The agency, citing information that came from telecommunication companies, said the smishing and text spams were traced to China and India-web- hosted companies. But the NPC stopped short of explaining how this necessarily linked to a global crime syndicate, which the data privacy authority claimed in an earlier statement.
“At the meeting with the NPC on Nov. 24, the data protection officers of Globe Telecom and Smart Communications revealed a complex chain of data aggregation and handling, involving data brokers, that is bringing new challenges to compliance and enforcement,” said Raymund Liboro, commissioner of the NPC.
Data broker named
In its report to the NPC, Globe identified a data broker called Macrokiosk, which was allegedly tapped by a firm named China Skyline Telecom. The data broker was the primary source of messages that “share the theme of job hiring and contain a Whatsapp contact link.”
Globe said 1.55 million of such messages were sent through its network from Nov. 11 to Nov. 21 alone. The NPC said it had encouraged telcos to continue blocking these data aggregators, as well as the numbers, domains, and internet protocol addresses that enable the smishing and text spams.
Article continues after this advertisementRole of telcos probed
Smart Communications has blocked at least 60 web domains. Globe Telecom, for its part, has blocked 1 billion messages since January, preventing them from reaching and scamming mobile phone users.
Article continues after this advertisementNevertheless, the NPC said in its statement that it had also launched a formal investigation of whether telco companies have exercised due diligence and accountability in transacting with these data aggregators.
The NPC said it sent Globe Telecom Inc., Smart Communications Inc., and Dito Telecommunity Corp. orders to submit within five days documents and information that would provide the Commission specifics on their data flows and transactions involving data aggregators.
The NPC said it also sent orders to Union Bank of the Philippines Inc. and GCash operator Mynt, which the agency said was the main payment channels where victims were directed to deposit their investments. The investment accounts invariably became inaccessible to the victims after they had been enticed to deposit larger sums in exchange for bigger commission.
On Nov. 26, an inter-agency task force was also formed, which would be headed by the Cybercrime Investigation and Coordinating Center. It will serve, among other things, as the hub that will receive complaints from cellular phone subscribers and will be tasked with forwarding the numbers used by scammers to telcos for blocking.