Tag Archives: GCash

data privacy, Internet Security, News, Phishing

Weebly site phishes FB accounts for mobile load

Leave a comment

It’s now easy to create a website thanks to services offered by Weebly and the likes. Just a few clicks here and there with a little bit of creativity, you’ll get yourself your own space in the internet in no time. You don’t even have to pay anything yet unless you want to buy your own domain.

However, some are using these easy-to-set-up website services to host their malicious pages luring innocent people to their strategy.

A Weebly-built website called LiveLoadPH is currently up and actively being shared online by some people who’s Facebook accounts could have been compromised.

How does it work?

If you came across a friend’s post saying you’ll get a free Php 100 load by just going to https://liveloadph[.]weebly[.]com, you might get curious and check what’s it all about.

The website’s main banner welcomes users with a statement to “Stay connected to your friends and family.” as if to touch their innocent visitor’s emotions in relation to the COVID-19 community quarantine.

Scrolling down shows a screenshot of a Php 100 load perhaps to entice people that they are really giving away that much. It further warns that visitors should only fill out their registration form once to avoid spamming their database with multiple requests.

Down at the bottom is a public service advisory reminding people that their operational hours is limited due to the COVID-19 situation. Just beside it is the registration form.

The registration form contains multiple fields including phone number, FB email, password, network and load denomination. If you are in your right mind, you would stop at the second field which asks for your FB email. Why would they get it? And, then your password?

But, just in case you’ve already made up your mind and is going after that Php 100 load because you badly need it, submitting the form would eventually redirect you to a GCash referral page.

Yes, a GCash referral page. A page where someone would earn Php 50 worth of GCash freebies if you decided to sign up. And, that someone is most likely the person behind this scheme. Not only that he got your Facebook account credentials already, he’s also trying to earn GCash rewards from his victims. That’s pure selfishness right there.

Obviously, this website is just phishing for Facebook account credentials to be used for whatever agenda the culprit had in mind. Victims won’t get anything in return even that promised Php 100 load.

If you have already signed up, make sure to update your Facebook password immediately. If you’re using the same password on your email and other online accounts, update them all asap!

We have already submitted the URL to known security vendors for blocking. We will contact Weebly to take down this LiveLoadPH website, and report the GCash referral code to GCash for possible suspension.

Related Posts:

Internet Security, Mobile, News

Another GCash smishing entices recipients with Mystery Ang Pao

Leave a comment

Remember when GCash released a promo regarding Mystery Ang Pao about a month ago in line with their Chinese New Year campaign? Apparently, this has been used in the recent smishing incident targeting GCash users who are still waiting for the reward to be credited on their accounts.

One user reported a GCash Advisory SMS that he received saying that he can now claim his P1,850 rewards from the Mystery Ang Pao promo. Similar to our previously featured GCash smishing cases, the message was sent by an unknown Globe prepaid number containing a link to where recipients can log in with their GCash accounts. With this new smishing variant, the cybercriminals have masked the link with bit.ly, a URL shortener.

The suspicious bit.ly URL redirects to a newly created Wix website. As we all know, this platform is a free-to-use web development tool that can help you build your own site as easy as 1-2-3.

The phishing site is still up as of this writing. We will have this coordinated both with Wix (to take down the phishing site) and GCash (to deactivate the associate Globe prepaid number.

***UPDATE***

March 3, 2019: Wix confirmed that they have disabled the website.

Related Posts:

Mobile, News, Promo & Contests

New GCash smishing leverages on Red Ribbon promo

Leave a comment

GCash’s latest promo gives users a chance to win a Red Ribbon cake by just sending P1 to any GCash users. For every 7th person to do this, s/he will be eligible to win. This promotion is good until February 29, 2019.

Today, some GCash users are reporting text messages that they’re receiving coming from an unknown prepaid number. The message lures recipients to claim their P800 rewards by logging in the provided link. The recipients are made to believe that they won in the on-going Red Ribbon promo of GCash.

Similar to the previously reported GCash phishing incidents, this one also used the Wix platform.Wix was quick to deactivate the website after a couple of hours.

Some users who are aware of this smishing threat attempted to identify the name of the culprit. After sending P1 to the mobile number of the sender, they found out that the GCash account belongs to a certain “Kariza Tonza”. Based on the screenshots shared in a Facebook Group exclusive to GCash users, the smishing incident is linked to this Globe prepaid number “09050676296”.

We will have this coordinated with GCash to deactivate the SIM and to provide these details to help in their investigation.

Related Posts:

Business, News, Product & Services

GCash Expands Its Financial Services to Provide Opportunities For All

Leave a comment

All eyes are focused on Asia, more so than ever before, and with good reason.  Asian economies are well positioned for robust growth, and in recent years, Asian emerging markets performed rather well compared to their counterparts outside Asia.

Asia has made significant progress when it comes to financial inclusion. TrustedBrokers.com and other trusted services have contributed it. The Philippines, in fact, has the most conducive environment for financial inclusion in the region; number 4 worldwide in a 2018 study (The Global Microscope) conducted by The Economist Intelligence Unit (EIU). The study assess the enabling environment for financial inclusion across 5 categories and 55 countries. It also cites that the leading countries in the study “feature market-entry regulations that do not deter new players that serve low- and middle-income populations” – with the Philippines having banking and non-bank financial institutions and e-money issuers and cross-border payments providers actively reaching out to the population.

The socio-economic impact from financial inclusion – having formal financial products and services available to all segments of a population regardless of their economic standing – can be game changing in emerging markets. This helps unlock greater access to fundamental services, helps people create financial identities, encourage savings, and even help drive or build an economy. With technological innovations combined with the rapid proliferation of mobile phones, along with growing income levels, more platforms have emerged. One such platform is GCash.

GCash is the Philippines’ leading mobile money platform. The app is widely used for transactions with its scan-to-pay or PayQR feature. In recent years, more products and services have been added to it, like GCredit, GScore, and InvestMoney.

With GCash being mobile, the platform is able to address consumer pain points. Such pain points include the lack of cash on hand for emergencies, and the lack of documentation needed in order to open an account or credit line. For more finance related post, visit and read this equity release calculator website review.

We are trying to leverage on the platform that GCash provides,” said Jean-Francois Darre, CEO of Fuse Lending Incorporated and Mynt’s Financial Services Head. “We’re trying to embed our products to that platform and making access to credit convenient.”

In a study conducted by the Asian Development Bank (ADB), more than 40% of Filipinos rely on informal lending sources, with only 12% borrowing from a formal financial institution.

We’re trying to make credit affordable and accessible. In the Philippines, it can be challenging sometimes for people to have access to credit because of heavy documents, requirements from financial institutions.”

Having a democratic access to credit, according to Darre, equalizes the playing field. For him, this also means that there’s a better and safer option out there that is readily available.

GCash prides itself with its vision of “Finance for All” – its products are designed for both the banked and unbanked.  While it is clear that technology helps pave the way for a more financially inclusive society, GCash knows the importance of cultivating responsible financial habits. Thus, the introduction of GScore, the country’s first trust score rating.

GScore makes use of technology to assess one’s financial capacity based on data built upon by the users relationship with the app, along with key personal identifiers. With the unfounded reputation that Filipinos cannot manage finances, this feature manages to debunk that.

It’s a trust score which Filipinos can earn,” remarked Kim Seng, Fuse’s Head of Lending. “So it’s something that they feel they earned already and can take care of.

Seng also observed that within a few months of launching GScore, good payment behavior was indeed captured. “The Filipino can do it,” she adds. “All they need is the right finance partner.”

Lately, GCash has announced that Invest Money (its in-app investment marketplace) has gone off-beta, enabling more users to gain access to investing at a very affordable price point of PhP 50. This also helps people build up a financial portfolio and in turn, builds wealth. If you are thinking about investing in cryptocurrencies, then you’ll need to stay updated on all the latest crypto news.

Is there any future in cryptocurrency? Cryptocurrencies have a potential future and even though they have fluctuating values, these digital assets might find a way to become an effective means of payment, learn more by reading this article about fx trading by VT markets.

The Invest Money feature also mirrors the company’s goal to provide “finance for all” as it is a product that is accessible to Filipinos from every income level, and affordable as well. It is something that one can even save up through the course of a month, according to Izza Castelo, Head of Investments.

GCash itself is evolving. By harnessing technology, more people are now able to build a financial history, regardless of their background. If you want to elevate your financial situation, you might want to check out investment opportunities like Ryoshi Token. With the features and services that are already built in-app, more and more people are now able to participate in the economy, and for some, for the very first time to do so. The mobile technology that platforms like GCash run on lets consumers bypass hurdles imposed by traditional banking, as it breaks down constraints by delivering greater convenience, security, and security – anytime and anywhere.

Related Posts:

Internet Security, News

New GCash phishing leverages on Chinese New Year

1 Comment

Some GCash users received an SMS alert today saying that they are eligible to claim P750 worth of GCash Ang Pao Rewards. Incidentally, GCash has an on-going Ang Pao promo that will run until February 14, 2019 for their Chinese New Year campaign.

GCash’s Facebook groups were filled with screenshots of the suspicious SMS. While most users commented that the message is a scam, some subscribers may still be compromised knowing that they have shared their personal information such as their names and phone numbers in the group just so they could take part of the Chinese New Year promo.

GCash’s Ang Pao promo entices users to win up to P88,888 every day by just sending P1 to at least two people. Desperate to win, GCash users flooded the FB groups with their mobile numbers with some sharing screenshots of their accounts.

This SMShing incident is similar to the previous GCash phishing report that was featured in this blog earlier this month. It used the free web development platform Wix to create a phishing site where gullible users will be redirected to.

Wix was quick to turn down the phishing site after it has been discovered and reported.

GCash users are reminded to be extra vigilant against these people who are thriving on their weakness to promos. Report any suspicious emails or SMS directly to GCash to disable the mobile number that these cybercriminals are using and to aid on their investigation should there be one.

Related Posts:

data privacy, Internet Security, Mobile, News

Fake GCash Care in FB gets owned

3 Comments
The official GCash Care account in Facebook

A scammer can also get scammed and owned by the people they intend to victimize. That’s what happened to the person behind a fake GCash Care Facebook account that presents itself as the official customer support of the mobile app.

Similar to other local tech-enabled companies, GCash has opted to open a customer care channel through the social media giant Facebook. While it does help in reaching out to their growing subscribers, it also opened a whole new door for scammers. Now, all they need to do is create a Facebook Page that looks exactly like GCash Care, the company’s official customer service account in FB.

FB search result for GCash Care.

Searching for GCash Care in FB could give you multiple results. One could argue that it’s easy to recognize the official ones because they have ‘Verified Page’ icons (blue check marks) right next to their names. But, a lot of people could still be victimized by these small-time scammers.

LJ Alfega, one of the users of the app, decided to play with the scammer behind one of the fake GCash Care accounts in FB. After noticing multiple people posting their conversations with the bogus account, she went in and did the same. To her surprise, her experience would be the best among all those who messaged the scammer. Take a look at the screenshots below:

Alfega first asked about GCash’s support hours and followed it up with her main concern – the cashback for paying bills. Instead of answering her queries, the bogus account immediately asked her to verify some personal account information. And when she did, he asked for an authentication code.

Alfega’s conversation with the fake GCash Care FB account Part 1

The scammer is very insistent in getting the correct authentication code even after multiple failed attempts. Obviously, Alfega is just trying to test the scammer’s patience but he just seemed to be so persistent until…


Alfega’s conversation with the fake GCash Care FB account Part 2

Alfega’s conversation with the fake GCash Care FB account Part 3

The scammer realized that he just got owned by Alfega after sharing his selfie to her. When Alfega tried to press him for further verification, she got blocked.

This is just one of the many funny stories shared by other GCash users who started poking fun in the fake accounts. However, this should not just be treated lightly as people could lose a serious amount of money. GCash already released an advisory last February 1 to ensure that their customers are only dealing with their official channels. The company also added that they “will not be liable for any consequences that may result from dealing outside of their official channels.”

GCash Advisory

Related Posts:

Internet Security, News

Wix phishing site targets GCash users

1 Comment

A fake GCash website has been put up to lure users in availing a P750 reward. Using Wix, a free, cloud-based web development platform that allows anyone to create their own website, the fake GCash website is being sent to various Globe users to entice them to claim their rewards.

Bogus GCash SMS alert

Janet Sentorias, a GCash user, shared the screenshot of a text message she received from an unknown Globe prepaid number. It contains the link to the GCash phishing site built via Wix. The link was too obvious for anyone not to notice but for someone not familiar with Wix, they might get tempted to enter the site.

The GCash phishing site asks for an email address and a GCash mobile number. According to the instruction, users need to ensure that they are verified GCash subscribers to be entitled to the bogus reward.

Some red flags on this site, for those not familiar how phishing works, are:

  • Inconsistent domain. The site used a Wixsite.com domain instead of the GCash’s official domain GCash.com or its mother company Globe.com.ph
  • Unofficial SMS sender. The message was sent from a Globe prepaid number. GCash or any other legitimate companies usually use a 4-digit number to broadcast their advisories.
  • Grammar. Official advisories or statements from companies are being reviewed thoroughly. Both the SMS alert and the phishing site contain too many mistakes.
  • Sense of Urgency. One of the reasons why phishing campaigns are successful is its ability to trick humans. As cliche as it is, we are the weakness in the system. This phishing site, for instance, is urging recipients to claim their rewards until the end of the month.

Should you receive similar attacks, report it immediately to GCash and Globe so they could take appropriate actions against the cybercriminal.

Sentorias and some other GCash users tried to trace the identity of the culprit behind the mobile number used in this scheme. They were able to do so by sending a GCash amount to the number. For fairness, we reserved the right not to publish the identified person until an official investigation commence.

We have requested to have the site blocked in some known security vendors. We will also have this reported to GCash and their data protection officer as a heads up.

***Updates***

Wix Support Thread
  • February 1, 2019 – We reported this incident to GCash’s DPO and got a confirmation that they are already working on it.
  • February 2, 2019 – Wix contacted us to formally file a request to take down the link. We did so.
  • February 3, 2019 – Wix took down the GCash phishing link. GCash also confirmed that they already disabled the account of the scammer and that they will also send an advisory for security awareness.

Related Posts:

News

Globe introduces GCash American Express Virtual Card

Leave a comment

Ever wanted to purchase something online but unable to do so because you don’t have a credit card? Or the online shopping store requires a valid US address? Well, at this point in time, wherever you are in the Philippines so long as you have a GCash account, you can now easily buy your favorite stuff on the Internet and have it delivered right at your doorstep via the recent tie up of Globe and American Express – the GCash American Express Virtual Card.

First reported on March 2012, GCash American Express Virtual Card empowers Filipino online shoppers by getting what they wanted and paying it through the regular American Express payment method.

Regular GCash users need to register first to associate their accounts with this new service. Currently, the virtual card is being offered for free on its first month. Succeeding months will depend on your preference: Php25 for one additional month, Php140 for six additional months or Php250 for the next 12 months. You may register on this link.

This partnership between Globe and American Express also provides you with a virtual US address that you’ll be using in case the online shop requires you to enter one. This was made possible with GCash’s partnership with My Shopping Box (MSB). They will be in-charged with the shipping information of your stuff to your Philippine address. Standard shipping rates apply to Philippine deliveries.

This introduction of online shopping convenience makes it really possible for the Philippine netizens to be involved and exposed with the latest trend in the world as we can just purchase it online even without the company officially launched the items in the country.

For a detailed information on how to register and use GCash American Express Virtual Card, you may refer to this link or call the GCash Hotline 2882 using your Globe mobile number.

This post was first published at KabayanTech.

Photo Credit: GadgetPilipinas

Related Posts:

Mobile

Globe introduces GCASH mobile app for iPhones

Leave a comment

GCASH, Globe Telecom’s internationally acclaimed mobile commerce service, recently announced another first in the mobile payment industry – an iPhone application will be available for download at the iTunes App Store for free starting this March 2012.

Globe, being the first to offer iPhone plans in the country, continues to provide the best iPhone experience to its users by integrating their mobile payment system to the GCASH iPhone app.

“The new GCASH mobile app for iPhones will make our customers enjoy doing their GCASH transactions,” said Paolo Baltao, President of G-Xchange, Inc., a wholly owned subsidiary of Globe and operator of GCASH, “We are setting a new standard for customer experience in the field of financial services.”

Click here to read more.

Related Posts: