December 6, 2021 | 9:20 AM GMT+0800 Last Edit: December 6, 2021
Ten government agencies, including the Bangko Sentral ng Pilipinas (BSP) and Department of Justice (DOJ), have joined efforts to catch those behind the epidemic of smishing and text spams luring Filipinos into spurious investment schemes and work from-home jobs.
“We desire to assist victims of cybercrime to the fullest and … bring the culprits to justice,’’ said Executive Director Cezar Mancao of the Cybercrime Investigation and Coordinating Center (CICC) at the creation of the technical working group against ICT enabled scams and fraud
Spearheaded by the CICC, the group includes the National Privacy Commission (NPC), Department of Information and Communications Technology, National Telecommunications Commission (NTC), Department of Labor and Employment, Department of Trade and Industry, National Security Council, and Anti-Money Laundering Council.
The group was created at an online meeting called by the NPC on November 26 to prevent what Privacy Commissioner Raymund Liboro called a potential “privacy disaster.” Millions of ordinary Filipinos are targeted by smishing and text spam. Many of them could have fallen prey to the scams and lost their hard-earned money.
From November 11 to November 21 alone, Globe Telecom reportedly sent 1.55 million messages through its network.
App, portal, hotline
Among the measures, the interagency group has identified to address the problem was the setting up of a hub that will centralize complaints, including those filed with other agencies.
The CICC is now developing an app and a web portal where victims could report a scam through a hotline and dedicated website, according to Mancao.
The CICC will then furnish the telcos with the numbers provided by the victims and those gathered by other agencies so that these are blocked. Globe Telecom has so far blocked 1 billion messages since January. In addition, Smart Communications has blocked at least 60 web domains linked to the scam.
Mancao said the CICC would employ a triage system and refer cases to appropriate agencies for action, even as he called on other agencies to assist his office in addressing “tactically and strategically” the ICT-assisted scams and fraud.
The DOJ Office of Cybercrime offered to facilitate coordination with international agencies to fight against globally operating syndicates behind the scam.
Justice Undersecretary Jon Salvahan said the DOJ, as the country’s central authority on international legal cooperation, would enlist the help of law enforcement agencies overseas in intelligence gathering and investigation of the syndicates.
Data aggregators to be summoned
The NPC will summon five data aggregators after being eyed as possible conduits behind the surge in smishing (a portmanteau of SMS [short message service] and phishing) and text spams over the past weeks.
Companies like global brands tap the aggregators to act on their behalf and deal with telcos in blasting promotions and other messages to customers.
For its part, the BSP Financial Supervision Sector said it was strengthening fraud management among financial institutions. One challenge, though, is how to hold on to proceeds in bank accounts and payment platforms used in the scams given the constraints posed by the Bank Secrecy Law, said BSP representative Deputy Director Byron Goli.
The BSP also welcomed the centralization of complaints under one portal, noting that it currently refers complainants to other agencies like the Philippine National Police, the National Bureau of Investigation, and the DOJ.
The centralization of complaints for action by concerned agencies will result in swifter responses and help boost public trust in government, according to Liboro.
Voluntary call and text attestation
Besides these short-term actions, the interagency group is looking at prepaid text and call attestation, which can trace the owner of numbers listed in a registry to be attested by telcos.
Liboro said call attestation was being implemented in the United States by the Federal Communications Commission (FCC) to curb robocalls. Marketers must register with the FCC under a scheme in which telcos could attest to the origin of calls.
According to the Privacy Commissioner, telcos in the country are open to the idea that they said was technically feasible.
“How can you trust a number calling or texting you? There should be a way to attest the number contacting you,” Liboro said. “For small entrepreneurs for example, having their prepaid numbers attested could boost their businesses because customers could be assured that they are dealing with someone that can be traced through a verified telco registry. Attestation could even help prevent bogus online deliveries and other ICT enabled frauds,” he added.
Increasing risks, reducing benefits
NTC Deputy Commissioner Edgardo Cabarios suggested two ways to address scams and fraud. One is by increasing risks to the scammers, and another is by reducing their benefits.
A SIM-registration scheme that could limit the options for criminals and possibly lead to arrests would increase the risks to the scammers. But, at the same time, effective law-enforcement and increasing citizens’ awareness not to fall prey to scams and blocking numbers sending phishing and text spams would reduce the benefits derived by those behind the scams, Cabarios said.
The next meeting of the interagency group is scheduled for Dec. 10.