How to stay safe from phishing scams as SIM registration deadline looms

The Department of Information and Communications Technology (DICT) has made it clear that there will be no further extension for SIM card registration in the Philippines.

As the July 25 deadline set by the national government approaches, only 60.75% of the 168 million SIM cards have been registered, leaving more than 40% of Filipinos vulnerable to deactivation.

What’s more, scammers are exploiting the situation by employing social engineering methods like phishing. They use SMS to trick users into sharing personal data, such as One-Time Passwords (OTPs) through fake registration links.

In a typical phishing attack, scammers will send fraudulent messages claiming to be from legitimate sources, like telecommunications companies, urging recipients to register their SIM cards by clicking on a link provided. Unsuspecting users, driven by fear of deactivation, may fall into the trap and unwittingly share their personal details, enabling cybercriminals to gain control over their accounts and exploit them for financial gain.

Palo Alto Networks shares some of the measures you can take to guard yourself against phishing attacks: 

1. Be wary of links received from unfamiliar numbers or sources, especially those claiming to be from your telecom provider. Avoid clicking on suspicious links, as they may lead to fraudulent websites designed to steal your personal information.
2. Scrutinize links for anomalies. Check for misspellings or unusual URLs in the links provided. Phishers often employ tactics such as using slight variations of genuine domain names to deceive users.
3. Familiarize yourself with your network provider’s legitimate process for SIM registration. This will help you distinguish between genuine communications and phishing attempts.
4. Stay informed on security measures. Some telecom providers and other organizations, such as banks, proactively block links via SMS to combat phishing attacks. Stay up-to-date with the security measures implemented by your trusted apps or organizations to enhance your protection.
5. Leverage Multi-Factor Authentication (MFA). Activating MFA provides an extra layer of security, acting as a vital firewall for your devices during this heightened risk period.

“Phishing attacks will persist as the SIM card registration deadline draws nearer. Cybercriminals’ primary goal is to seize control of your number and exploit your OTPs to steal your money,” said Steven Scheurmann, Regional VP for ASEAN at Palo Alto Networks.

“To stay safe, it’s crucial to think before you click and remain vigilant whenever you need to share sensitive information. Embracing the Zero Trust principle and granting the least privilege to your personal data can significantly bolster your defenses against phishing threats,” he added.