Philippine online scams continue to evolve, with a new type of scam recently reappearing, victimizing many Chinese. The scam group impersonates GCash to send text messages, falsely claiming "You have received 5,000 pesos in disaster relief," and includes a phishing link to lure users into entering their account and verification code, subsequently draining their accounts.
These phishing text messages often appear to be from GCash, the Department of Social Welfare and Development (DSWD), or the Social Security System (SSS), with content that looks legitimate, often stating "successful transfer notification" or "click to check balance," which is highly deceptive. GCash officially urgently reminds users: the platform never sends any links through text messages, and if you receive such information, please delete it immediately!
The acting executive director of the Philippine Cybercrime Investigation Center (CICC), Aboy Paraiso, stated that once victims click on the link, they are often led to a fake website where they enter sensitive information such as bank account numbers and one-time passwords (OTP), leading to the rapid theft of their funds.
What is more terrifying is that this type of scam is not just a common mass text message but is implemented through an illegal device known as an IMC Catcher. This device can impersonate the SMS source of legitimate institutions and hijack the victim's original SMS dialog box, making the false information appear as if it is genuinely from GCash or a bank.
Paraiso pointed out that the IMC Catcher can operate within a 500-meter range and is often secretly brought into crowded areas such as malls, supermarkets, and stations. CICC investigators have also personally received phishing text messages in shopping centers, confirming that the scam group is targeting people in public spaces.
He warned that these devices not only can forge numbers but also completely block victims from receiving real notifications from banks or platforms, forging complete text message records, "You might think you are seeing a verification code sent by the bank, but it is actually a tool used by scammers to lead you to destroy your own wallet."
CICC calls on the public, if you receive any unclear text messages containing links, do not click, do not reply, delete immediately, and report suspicious behavior through official channels to assist in investigating the source of the scam and the users of the devices.
At the same time, CICC also urges telecommunications operators to accelerate the deployment of technical defenses, intercept illegal signal intrusions, and remind the public to be highly vigilant, especially on high-frequency wallet platforms like GCash, not to trust any sudden subsidies or transfer notifications, to avoid falling into "blatant scam" schemes. Increasing vigilance is the key to protecting your digital wallet.
