Local telco Smart Communications has cited a report from the Philippine National Police (PNP) and the National Bureau of Investigation (NBI) suggesting that the personalized spam text messages proliferating recently could be the handiwork of scammers who mined subscriber data from GCash and Viber.

The PLDT-owned telco said in a statement that based on coordination with the PNP and the NBI who ran simulation tests on the scam, the culprits may have used the popular e-wallet and online messaging platform to harvest the names of subscribers.

“Our initial investigation showed that criminals may have acquired or bought the data from different establishments. Then, they ran the mobile numbers on GCash and Viber to get the names of the subscribers and use them on their messages,” said Christopher M. Paz, chief of the NBI Cybercrime Division.

Angel Redoble, FVP and chief information security officer of PLDT and Smart, clarified, however, that the infrastructure of GCash or any digital wallet has not been compromised.

“The criminals simply checked the mobile numbers if they are subscribed to the platform. The scammers seem to have found a way to automate the harvesting of names from different sources,” Rodoble said.

“Another possible source also are some mobile loan applications that are designed to extract personal information from smartphones where they have been installed,” he added.

Smart said based on the investigation conducted by its Cyber Security Operations Group (CSOG), the messages are being sent by individual SIMs and do not come from aggregators or their clients.

“There’s no recent cybersecurity incident that may have allowed criminals to breach our infrastructure and steal customer data to be targeted in their fraudulent activities,” said Rodoble.

“We believe that the recent smishing attacks are being perpetrated by local operators. We continue to work with law enforcement agencies to track down the criminals,” he stated.

Smart said it continues to intensify its campaign against ‘smishing’, blocking more than 11 billion attempts to open links associated with spam messages from January to August of this year.

This was made possible by the company’s efforts to prevent access to more than 9,000 uniform resource locators (URLs) tied to the illegal activity.

The telco said its SMS Firewall Blocking also has prevented more than 300 million malicious messages from reaching its customers in the first eight months of the year.

Smart further shored up its defenses against spams, hoaxes, and smishing activities by blacklisting around 167,000 listed accounts that have been found to be sources of fraudulent messages.