27k unique visitors in the last 3 days

Philippines to Fight Imports of SMS Blasting IMSI-Catchers Used for Smishing Attacks

The Philippines government says they are working with Globe Telecom on protecting consumers from portable SMS blasters.

A news release by the Philippine government says they are collaborating with Globe Telecom, a leading Philippine telco, and law enforcement agencies on stopping imports of portable radio devices typically used to send fraudulent SMS messages to any mobile phone within range.

Froilan Castelo, General Counsel at Globe Telecom is quoted as saying:

We are working with the government to prevent the importation and use of IMSI catchers, which are the primary tools enabling these security breaches. We need more robust enforcement of the law concerning spoofing and the proliferation of this illegal equipment.

Castelo described how the IMSI-catchers are being used for the same kinds of SMS blasting fraud attacks that have occurred in various other countries, as reported with increasing frequency by Commsrisk. The essential approach is to carry the device in a vehicle or a backpack through heavily-populated urban areas. The device acts as a false base station, connecting to mobile phones in the vicinity and undermining security protocols by downgrading the connection to 2G. It then sends fraudulent SMS messages, typically containing links to phishing websites, whilst also gathering data about the phones it has connected to.

Castelo stated these IMSI-catchers may be fully built when imported, or they may be imported in parts which are then assembled within the country. Shipping the devices in parts suggests criminal enterprises are already trying to evade import controls. Chinese manufacturers of SMS blasters openly advertise their sale on the internet. The devices used for a high-profile smishing scam received by hundreds of thousands of Parisians were supplied by a Chinese arms dealer.

The increased use of SMS blasters is believed to be motivated by the success of anti-fraud controls that have previously been introduced. P2P SMS messages are blocked if they contain URLs, and only approved entities may send A2P SMS messages containing URLs. Globe also recently decided to voluntarily stop including hyperlinks in SMS texts that it sends to customers in order to help them distinguish between trustworthy and scam messages. Castelo linked the use of SMS blasters to other modes of smishing by using the word ‘spoofing’ to describe how they are mimicking the Sender IDs of legitimate entities. There have also been reports of scammers impersonating agents of Globe Telecom to gather bank details of victims by pretending to sign them up for a corporate loyalty program.

The government press release can be seen here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email