A recent investigation by the National Privacy Commission (NPC) and the leading mobile wallet GCash, has led to the discovery of certain gambling sites and apps which were used for account takeovers in the recent surge of phishing scams.
Additionally, some influencers may have unknowingly promoted these gaming apps without being aware of their fraudulent nature. GCash is now cautioning its users to be extremely careful when accessing online gambling sites and apps, and to avoid them altogether if possible.
In this latest scheme, perpetrators created gambling apps while falsely claiming to be accredited by the Philippine Amusement and Gaming Corporation (PAGCOR). These apps deceive users with a verification process, redirecting them to a fake GCash website or payment page to top up betting credits. From there, fraudsters were able to access sensitive information such as credit card details, passwords, GCash numbers, MPINs, OTPs, and other personal data that can be exploited to gain unauthorized access to user accounts.
"The trust and safety of our customers remain our top priority which is why we are relentless in ensuring the public is made aware of phishing scams related to online gambling. This goes hand-in-hand with our own world-class security features and innovations that gives our users additional layers of protection against evolving threats," emphasizes GCash Chief Technology and Operations Officer, Pebbles Sy.
Last month, the leading mobile wallet announced its collaboration with various law enforcement agencies to further investigate a thwarted phishing attempt which was rectified by the GCash cybersecurity team in the same day they monitored the incident. GCash’s internal investigation traced the phishing link to fraudulent messages masquerading as SIM card registration.
"Our intensified collaboration with law enforcement authorities will continue to expose these scams, but we encourage everyone to join this crusade by staying informed about phishing," adds Sy.
GCash continues to be in close cooperation with law enforcement authorities, including the Philippine National Police (PNP), the National Bureau of Investigation (NBI), and the Cybercrime Investigation and Coordinating Center (CICC).
GCash reiterates its warning to users never to share their MPIN or OTP to anyone and to avoid clicking on unknown links from websites, emails, or messaging apps.
For assistance, users can contact the PNP-ACG through their hotlines at (02) 8414-1560 or 0998-598-8116, or via email at firstname.lastname@example.org. To report scams and other fraudulent activities, users can also visit the official GCash Help Center in the app or at help.gcash.com, message Gigi and type "I want to report a scam." Customers can also reach out to the official GCash hotline at 2882 for inquiries and other concerns.