Phishing attacks now avoiding SMS route

Cybersecurity firm Fortinet warned against hackers finding other attack methods as they are discouraged to launch phishing attempts via mobile messages with the implementation of the mandatory SIM (subscriber identity module) card registration in the country.

Jonas Walker, director at Fortiguard Labs of Fortinet, told the Inquirer that hackers continue to find ways to scam unsuspecting victims.

“Instead of using SMS (short message service) phishing, then they (hackers) will use Telegram, they will use WhatsApp, they will use email more,” he explained. “It is just using the same techniques but in different channels,” Walker added.

The SIM card registration law was enacted to address the surge of text scams as hackers take advantage of the digitalization brought about by the pandemic. Under this measure, all subscribers are required to submit IDs, eliminating their anonymity, which is being exploited by hackers so they can launch their attacks with less likelihood of being traced.

Walker said the mandatory enlistment “solves the issue to a certain degree” but raising awareness against phishing was still the best way to go so the subscribers could protect themselves.

The Fortinet official noted these phishing scams were usually for the monetary gain of the hackers, who have probably been dealing with financial challenges during the pandemic.

“Today, probably 90 percent of all attacks are financially motivated. It is about the money,” he explained. Phishing occurs when users are tricked into providing sensitive information like login credentials via suspicious emails and mobile messages. INQ