Privacy agency: Still no culprit in leakage of personal data

Text scam photo, with closeup of cellphone in background. STORY: Privacy agency: Still no culprit in leakage of personal data

INQUIRER FILE PHOTO

MANILA, Philippines — The National Privacy Commission (NPC) said on Wednesday that data aggregators are unlikely sources of the personalized text scam messages people have been getting in the past two weeks.

But former privacy commissioner Raymund Liboro told the Inquirer that it was too early to absolve data aggregators or brokers in this rampant scam because they were found to have done it before.

The privacy commission, in a statement, reasoned that data aggregators could not have had a hand in the use of personal data that still-unidentified scammers used to con people into the scheme.

“The NPC, through its complaints and investigation division, has observed from the ‘smishing’ reports it received, that the smishing messages appear to have been sent using specific mobile numbers registered to certain texting services,” the NPC in a statement.

Smishing is the criminal act of sending text messages to induce individuals to reveal personal information, such as passwords or credit card numbers, or to download malicious programs, such as ransomware.

Receivers of such messages should not click on any link in the message, and instead, block the sender and report the sender’s number to the authorities.

“Contrary to a (phone-to-phone or P2P) transmission, data aggregators use an application-to-phone (A2P) transmission. The messages received through this transmission will not appear to have come from specific mobile numbers, instead, it will come from a sender that has SMS (short messaging system) identification,” the commission said.

Not the first time

But Liboro said it was too early to rule out the possible involvement of data aggregators or brokers in the modus operandi because they have done it before.

Just 10 months ago, or in November 2021, Globe Telecoms reported to the NPC that data broker Macrokiosk, which was allegedly tapped by a firm named China Skyline Telecom, was the primary source of messages that “share the theme of job hiring and contain a Whatsapp contact link.”

This data broker was tagged as one of the responsible firms in either calling or texting millions of Filipinos that offered either jobs or investment schemes.

During that time, Globe said that 1.55 million such messages were sent through its network from Nov. 11 to Nov. 21 alone.

Still, the NPC said that telecommunication companies have blocked and are continuously blocking identified mobile numbers involved in these smishing messages.

The privacy commission also said its investigation of these text messaging scams, which it earlier characterized as “alarming,” would continue.

RELATED STORIES

Text scam that knows phone user’s name raises alarm

WATCH: Smishing: ‘Personalized’ text scams in the Philippines

Senators alarmed as they too become targets of text scams

Read more...