Warning Against Phishing Malware in Gambling Sites and Gaming Apps

Downloaded games and gambling are popular forms of entertainment for many Filipinos, but some may contain phishing malware that's used to steal accounts in the recent surge of phishing scams according to a recent investigation by the National Privacy Commission (NPC) and the Philippine National Police Anti-Cybercrime Group (PNP-ACG).

Additionally, some influencers may have unknowingly promoted these gaming apps without being aware of their fraudulent nature. I advise you or anyone to be extremely careful when accessing online gambling sites and gaming apps and to avoid them altogether if possible.

How the Scheme Works

* On the Gambling side: Perpetrators who created the gambling apps while falsely claiming to be accredited by the Philippine Amusement and Gaming Corporation (PAGCOR). These apps deceive users with a verification process, redirecting them to a fake website or payment page to top up betting credits. From there, fraudsters were able to access sensitive information such as credit card details, passwords, mobile wallet numbers, MPINs, OTPs, and other personal data that can be exploited to gain unauthorized access to user accounts.

* On the Gaming side of things: When downloading games from untrustworthy sources, players may receive malicious software that can gather sensitive data like login information or passwords from the victim’s device; and in an attempt to download a desired game for free, find a cool mod or cheat, gamers can actually lose their accounts or even money.

How to Protect Yourself in 6 Ways:

* Protect your personal information - The most common red flag to look out for in downloaded gaming apps is a blatant request for private information such as credit card numbers, or passwords for social media and bank accounts. Also, don’t include identifying information in your gaming usernames – such as your name, date of birth, or location – and avoid sharing personal details on gaming forums.

* Do some Due Diligence or background check research - For gambling apps such as e-bingo platforms, users are advised to check if the company that created them is listed on the Philippine Amusement and Gaming Corporation (PAGCOR) website.

* Only Download from Legitimate Sources - Most of the time, these gaming apps from suspicious sources contain malware that will trick players into clicking a phishing link. These are common in apps where players buy character upgrades or items and play-to-earn games. Stick to reputable download sites to maximize game security. 

* Use strong passwords - One of the simplest ways to protect yourself is using a strong password. A strong password comprises at least 12 characters (ideally more) and is a mix of upper- and lower-case letters, numbers, and symbols. Avoid using sequential numbers (“1234”) or personal information that someone who knows you might guess, such as your date of birth or pet’s name.

* Be alert to hidden charges and scams - Read the manufacturer or hosting company’s terms and conditions to make sure you understand any immediate or future hidden charges. Keep an eye out for potential scams when buying or selling 'property' that exists inside a computer game. 

* Keep software up to date - Make sure that you keep your devices and software up to date. Up-to-date software will ensure that you benefit from the latest security patches to address cyber vulnerabilities. Be vigilant against phishing emails Be wary about emails that claim you must click, call, or open an email attachment immediately. 

The golden rule is to avoid clicking on any links, opening any attachments, or responding to any email you feel unsure about.

Rest assured that our law enforcement authorities, the Philippine National Police (PNP), the National Bureau of Investigation (NBI), and the Cybercrime Investigation and Coordinating Center (CICC) are in close cooperation in continuing to expose these scams, but we encourage everyone to join this crusade by staying informed and aware of these scams and phishing activities.

The public is encouraged to report incidents of scams, fraud, and cybercrime to the PNP-ACG through its hotlines at (02) 8414-1560 or 0998-598-8116 or via email at acg@pnp.gov.ph.

—

If you like this post, please do share it on social media like Facebook, Twitter or any other site that you like (of course with a credit link back to this blog post).