Remember when GCash released a promo regarding Mystery Ang Pao about a month ago in line with their Chinese New Year campaign? Apparently, this has been used in the recent smishing incident targeting GCash users who are still waiting for the reward to be credited on their accounts.

One user reported a GCash Advisory SMS that he received saying that he can now claim his P1,850 rewards from the Mystery Ang Pao promo. Similar to our previously featured GCash smishing cases, the message was sent by an unknown Globe prepaid number containing a link to where recipients can log in with their GCash accounts. With this new smishing variant, the cybercriminals have masked the link with, a URL shortener.

The suspicious URL redirects to a newly created Wix website. As we all know, this platform is a free-to-use web development tool that can help you build your own site as easy as 1-2-3.

The phishing site is still up as of this writing. We will have this coordinated both with Wix (to take down the phishing site) and GCash (to deactivate the associate Globe prepaid number.


March 3, 2019: Wix confirmed that they have disabled the website.

Fjordan Allego
Follow me

Related Posts:

By Fjordan Allego

Fjordan Allego aka Fjordz is an IT security practitioner in the Philippines. He maintains a couple of blogs where he shares his views on various topics that he finds interesting. A self-confessed introvert who's mostly active in social media, Fjordz also loves to travel and explore the wonders of the world.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.