Text scam senders ask mobile users to type in suspicious links on browsers

October 7, 2022 - 5:11 PM
Image by Pexels from Pixabay

After a telco network started blocking texts with links, a new text scam surfaced that asked recipients to type in URLs on their browsers.

Dominic Ligot, the founder of Data Ethics PH, alerted his Twitter followers about this possible new scheme on October 6.

Ligot also provided a screenshot of this suspicious message in his tweet.

“On you probably expected it: Stop being lazy. New SMS spam requests you to use your browser,” he said.

Common text spams have the URL of the website hyperlinked into the message.

This time, the URL is just written in plain text. The sender asks the recipient to copy or type in the URL to online browsers.

“Isulat niyo tong links sa browser niyo,” part of the message reads.

The number used by the sender did not have an SMS ID.

In the reply section, another user said that he has received the same SMS.

“Haha got a similar spam SMS a few days ago. I called the number on your screenshot just now. Also unreachable,” the user said.

Here’s a copy of the suspicious text that Interaksyon received recently.

The content of the message is similar to the one Ligot shared.

Screenshot of a text message with sketchy clickable links (Interaksyon)

There have been different types of reported smishing incidents during the COVID-19 pandemic.

Senders of these unsolicited texts also use names of business entities such as GoGo Xpress, Lazada, WhatsApp and Shopee.

RELATED: New text scam? Client asked of private info via SMS before supposed item delivery 

In recent months, text messages were personalized and contained mobile phone users’ full names.

RELATED: SMS scam level up? Spam text messages now bear full names of mobile users 

In an unprecedented move to combat such text fraud, Globe announced on September 30 that it started temporarily blocking all text messages with clickable links from prepaid and postpaid numbers.

It is the first telecommunications provider to have conducted this measure against spam and scam messages.

“If the SMS (short messaging service) has a link of any kind, we are not going to deliver it, period. This is necessary to protect the customers,” Globe Chief Information Security Officer Anton Bonifacio said in a statement.

RELATED: Reactions to Globe’s measure to stop text fraud 

Other measures vs text fraud

On October 4, GCash, Globe’s mobile wallet service, advised its millions of users to not interact with suspicious links in messages.

It also pointed out that it does not send clickable links in its notifications via SMS, emails and other messaging apps.

#GCheckMuna at i-report ang fake links kay Gigi sa GCash Help Center,” GCash said.

To further protect user privacy, it issued an update on its app wherein some letters of its users’ names were hidden.

Its users can still read their full names in the notifications sent to their inboxes.

READ: Mobile wallet app starts hiding some letters in recipient names amid text scam surge 

Smart Communications, meanwhile, said that it will not be blocking messages with hyperlinked texts in all SMS.

Instead, it employed a different strategy against spammers targeting its subscribers.

“SMS sent via our SMS broadcast service can no longer contain URL shorteners that have been shown to be used by SMS spammers,”  Angel Redoble, FVP and Chief Information Security Officer of PLDT and Smart, said in a statement.

More importantly, we have not hesitated in suspending access to our network of aggregator-clients that have been involved in sending out smishing,” he added.