New SMS scam uses clickable numeric links, hyperlink masking

Smart Communications Inc. warned users regarding a new text-based scam that uses clickable numeric links and hyperlink masking to lure them to phishing sites. 

Based on their investigation, the new text-based fraud involves hyperlink masking—where scammers replace the dots in a URL with another character like “underscore” or “slash” to mask or conceal the hyperlinks.

They added that the process also includes asking potential victims to manually copy the address, and paste it on their browser with the replaced special characters with dots; Once they press the “enter” or “go” button, they will be able to activate and be directed to the link. 

Another method is also sending what appears an IP address but is actually numeric clickable links. 

This comes after they rolled out their improved blocking tool, which helps prevent scam messages from reaching their subscribers.  

“Smart’s much improved blocking capabilities have prevented a significant number of SMShing messages from reaching customers. But scammers keep looking for new ways to run their phishing activities. They now send unclickable links, but with the same goal of luring customers into opening malicious domains,” said Jojo G. Gendrano, SVP and Chief Information Security Officer at PLDT and Smart. 

Other than the new method of text fraud, they also warned subscribers to never answer text messages and calls from unknown contacts, especially those asking for one-time passwords or OTPs. 

Smart also stressed that their agents, as well as those from the banks, will never ask for your OTP. 

They added that users should also be suspicious of too-good-to-be-true offers or prize winnings sent via SMS that urge them to click the link to get the limited-time offer. 

Text and email scams also include messages that create false alarms regarding account suspension or loss of access which commonly include a link that directs them to a phishing site. (With reports from Rainier Allan Ronda)