PLDT Inc. and its wireless unit Smart Communications Inc. have rolled out an improved blocking tool to address the rampant sending of scam messages.
“Smart’s much-improved blocking capabilities have prevented a significant number of SMShing messages from reaching customers. But scammers keep looking for new ways to run their phishing activities. They now send unclickable links, but with the same goal of luring customers into opening malicious domains,” said Jojo Gendrano, PLDT and Smart chief information security officer.
Based on Smart’s investigation, scammers replace the dots in a URL with another character like “underscore” or “slash” to mask or conceal the hyperlinks. They will then ask potential victims to manually copy the address, place it on their browser and replace the special characters with dots, thereby activating the link.
Another method is sending what may look like IP addresses but are numeric clickable links.
With this, PLDT asked subscribers not to answer calls or respond to messages from unknown persons or entities especially those asking for one-time passwords (OTP). Official bank and Smart agents will never ask for the OTP.
From January to May of this year, Smart has blacklisted more than 615,788 mobile numbers tied to illicit and fraudulent activities, including spamming and SMShing scams. This number includes all fraudulently registered SIMs, purged through Smart’s strict validation process of all SIM registrations.
PLDT said subscribers can report suspicious messages or calls at Smart verified and official social media pages.
