Palo Alto Networks, a cybersecurity solutions provider, advises mobile device users to be more cautious of phishing attacks as the deadline for SIM card registration ends on July 25, 2023.
According to the data from the Department of Information and Communications Technology (DICT), only 60.75% of the total 168 million SIM (Subscriber Identity Module) cards have been registered so far, leaving over 40% of Filipinos at risk of deactivation and social engineering tactics such as phishing.
Palo Alto Networks believe that scammers are taking advantage of the situation, sending SMS messages to lure users into sharing personal information via bogus registration links, posing a persistent and dangerous threat.
In a typical phishing attack, scammers will send fraudulent messages claiming to be from legitimate sources, like telecommunications companies, urging recipients to register their SIM cards by clicking on a link provided. Unsuspecting users, driven by fear of deactivation, may fall into the trap and unwittingly share their personal details, enabling cybercriminals to gain control over their accounts and exploit them for financial gain.
Obtaining personal information
“Cybercriminals’ primary goal is to seize control of your number and exploit your OTPs to steal your money,” Steven Scheurmann, regional VP for ASEAN at Palo Alto Networks, said in a statement. “To stay safe, it’s crucial to think before you click and remain vigilant whenever you need to share sensitive information. Embracing the Zero Trust principle and granting the least privilege to your personal data can significantly bolster your defenses against phishing threats.”
Palo Alto Networks shares some of the measures one can take to guard oneself against phishing attacks as the SIM card registration deadline approaches:
- Exercise caution when presented with unknown links: Be wary of links received from unfamiliar numbers or sources, especially those claiming to be from your telecom provider. Avoid clicking on suspicious links, as they may lead to fraudulent websites designed to steal your personal information.
- Scrutinize links for anomalies: Check for misspellings or unusual URLs in the links provided. Phishers often employ tactics such as using slight variations of genuine domain names to deceive users.
- Research official SIM registration procedures: Familiarize yourself with your network provider’s legitimate process for SIM registration. This will help you distinguish between genuine communications and phishing attempts.
- Stay informed on security measures: Some telecom providers and other organizations, such as banks, proactively block links via SMS to combat phishing attacks. Stay up-to-date with the security measures implemented by your trusted apps or organizations to enhance your protection.
- Leverage Multi-Factor Authentication (MFA): Activating MFA provides an extra layer of security, acting as a vital firewall for your devices during this heightened risk period.