Globe has been the subject of fraudsters recently as their sender ID, the name that appears as the sender in a text message, has been seen being used for smishing campaigns fronting redemption of “premium rewards”.
Just this month alone, the spoofed Globe sender ID has been reportedly used to send phishing links through SMS – the first one was on May 17th while the most recent one was just today, May 26th. While both appears to have similar content, the links are different – the first one used the domain globecomph[.]quest while the second used globe-co-mph[.]top. Both domains are obvious variations of Globe’s official domain and are not related to globe[.]com[.]ph.
What makes this specific smishing campaign tricky is that it used the sender ID of “Globe” to send out the malicious messages. Traditional smishing attacks are using random numbers or sender IDs which can be easily blocked in anyone’s phones (depending on the phone’s features though). Some people are speculating that Globe’s sender ID may have been compromised.
Globe earlier this year released an advisory against these phishing attacks. According to the telco giant, the culprits behind this are taking advantage of their Globe Rewards expiration advisory. Globe is also encouraging those who have received the malicious text messages to report them to their #StopSPAM portal.
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024