No letup in PLDT, Smart’s anti-smishing campaign


PLDT and its wireless unit Smart Communications, Inc. (Smart) continue to clamp down on malicious text messages by going after internet links that aim to defraud customers.

In a statement, PLDT and Smart said that from June 10 to 28, 2022, PLDT and Smart’s Cybersecurity Operations Group (CSOG) has blocked more than a hundred URLs and domains tied to text scams bringing the total links blocked to 650 in the first half of 2022.

“Apart from blocking malicious text messages and SIMs, PLDT and Smart are also clamping down on URLs or domains that are often linked to ‘smishing’ activities. This adds another layer of protection for our customers and prevents access to these sites that target their personal data,” said Angel Redoble, First Vice President and Chief Information Security Officer.

‘Smishing’ or SMS phishing is a form of social engineering done through text messages that deceive customers into thinking that these messages were sent by banks, recruitment agencies, tour operators and other companies. These messages contain links to websites that lure victims into revealing their personal information.

The CSOG team explains that the internet is made up of three layers. The first layer, called the surface layer, is any site accessible to anyone. This constitutes about 10% of the internet. Below it is the deep web which houses exclusive sites for specific groups or subscriptions that require login credentials. Hidden in the deep web and making up a small fraction of it, is the dark web which is a hotbed for illegal activities. The dark web does not appear on search engines and needs a special browser to be accessed. 90% of the internet is believed to be made up of the deep web and the dark web.

“Most phishing sites are tucked in the deep web. When cyber criminals have acquired the victim’s personal data, they use this to access the victim’s bank accounts or trade them in the dark web,” explained Redoble.

PLDT and Smart have been fortifying their cybersecurity infrastructure, investing nearly ₱3 billion in 2021, to safeguard the public against emerging cyber threats and vulnerabilities, including online fraud and other criminal activities.

The efforts of PLDT and Smart to detect and block malicious messages, including SIMs and websites tied to fraudulent activities, are fundamental to the PLDT Group’s much broader program to elevate the quality of customer experience by protecting them from threats and attacks.