The Bangko Sentral ng Pilipinas (BSP) has issued an alert to the public on the growing threat of “text hijacking”—a method used by fraudsters to deliver smishing attacks via SMS. In this scam, cybercriminals spoof the sender ID of trusted financial institutions, making malicious messages appear legitimate and increasing the likelihood that recipients will fall victim.
Text hijacking works by embedding fraudsters into legitimate SMS conversations, often using IMSI catchers to intercept mobile signals and send fake messages. These fraudulent texts typically contain phishing links designed to steal sensitive information and gain unauthorized access to victims’ financial accounts.
To protect against such attacks, the BSP advises consumers to:
- Avoid clicking links in SMS messages, even if they appear to come from a trusted source.
- Verify message authenticity: Financial institutions will never ask users to click on links via SMS or email for transactions.
- Report unusual activity to your bank or e-money provider immediately.
The BSP, along with other financial authorities, is actively working to address these risks and ensure the security of financial transactions.
