The Cybercrime Investigation and Coordinating Center (CICC) and Globe Telecom Inc. on Wednesday warned about a new phishing scam that leverages the official Globe SMS thread to steal personal and financial information.
The CICC executive director Alexander Ramos, revealed that the scam involves SMS messages that falsely claim expiring rewards points. Recipients are urged to click a malicious link to redeem the non-existent points
“This new scheme is dangerous and alarming since perpetrators appear to have bypassed a National Telecommunications Commission memorandum on blocking clickable URLs in SMS,” Ramos said.
“This underscores the need for further collaborative efforts to combat SMS based phishing,” he said.
CICC investigators discovered that the domain used in the phishing campaign was created on Nov. 27, 2024 and the Internet Protocol (IP) location is in Bucharest, Romania.
The phishing SMS first inform users about the expiration of their Globe rewards and are directed to a page labeled as “Point Expiration Reminder.”
The fake Globe site then provides a “Globe Menu” listing items that users can redeem with their points.
This setup is designed to entice users into believing they are eligible for rewards, thereby luring them into providing sensitive personal information.
Upon selecting a reward, users are redirected to a Shipping Address Form. This page collects sensitive information such as name, address and contact details, under the guise of facilitating delivery of the chosen item.
The next step involves redirecting the user to an “Online Payment page” where they are prompted to provide their card details.
The site claims that an “extra payment” is required to cover the cost of the reward, which serves as the primary mechanism for harvesting financial credentials.
The site’s ultimate goal is to collect both personal and card information, which could lead to unauthorized transactions, identity theft, and broad financial fraud for the victim.
CICC appealed to the public to call the Inter-Agency Response Center (IARC) Hotline 1326 if they fall prey to phishing. The hotline is toll-free and operates round-the-clock from Mondays to Sundays including holidays.