Following a joint investigation conducted by the National Privacy Commission (NPC) and GCash, the leading mobile wallet service, concerning the recent surge in phishing scams, certain gambling sites and apps have been discovered to be associated with account takeovers. GCash is now urging its users to exercise extreme caution when accessing online gambling platforms and, if possible, to avoid them altogether.
The fraudulent scheme involved the creation of gambling apps falsely claiming accreditation from the Philippine Amusement and Gaming Corporation (PAGCOR). These apps deceived users by presenting a verification process, redirecting them to a counterfeit GCash website or payment page for topping up betting credits. Through this elaborate ruse, fraudsters were able to gather sensitive information such as credit card details, passwords, GCash numbers, MPINs, OTPs, and other personal data that could be exploited to gain unauthorized access to user accounts.
“The trust and safety of our customers remain our top priority, which is why we are relentless in ensuring the public is made aware of phishing scams related to online gambling. This commitment aligns with our own world-class security features and innovations that provide our users with additional layers of protection against evolving threats,” emphasized Pebbles Sy, Chief Technology and Operations Officer of GCash.
In the past month, GCash announced its collaboration with various law enforcement agencies to investigate a thwarted phishing attempt, which the GCash cybersecurity team resolved within the same day of detection. During their internal investigation, GCash traced the phishing link back to fraudulent messages disguised as SIM card registration notifications.
“Our intensified collaboration with law enforcement authorities will continue to expose these scams, but we encourage everyone to join this crusade by staying informed about phishing,” added Sy.
GCash maintains close cooperation with law enforcement entities, including the Philippine National Police (PNP), the National Bureau of Investigation (NBI), and the Cybercrime Investigation and Coordinating Center (CICC).
GCash reiterates its warning to users to never share their MPIN or OTP with anyone and to avoid clicking on unfamiliar links from websites, emails, or messaging apps.
Users in need of assistance can contact the PNP-ACG through their hotlines at (02) 8414-1560 or 0998-598-8116, or via email at acg@pnp.gov.ph. To report scams and fraudulent activities, users can visit the official GCash Help Center within the app or at help.gcash.com, message Gigi, and type “I want to report a scam.” Customers can also reach out to the official GCash hotline at 2882 for inquiries and other concerns.
