Scam Alert: No Contact Apprehension Policy Scam by Threat Actors Impersonating LTO, MMDA
May 10, 2024
The Department of Information and Communications Technology (DICT) issued a warning regarding a type of phishing attempt involving threat actors impersonating traffic authorities and directing victims to settle an alleged No Contact Apprehension Policy (NCAP) violation.
How Does the Scam Work?
According to reports, the scam begins with the victim receiving a text message from a random number about a traffic violation they allegedly committed, which could result in their vehicle registration or license being canceled unless settled immediately. The text message includes a link directing the user to a bogus Land Transportation Office (LTO) page, where the victim is asked to input the plate number of their vehicle to ‘check’ for violations. PSA notes that the links used by the threat actors may differ from message to message.

After inputting the details, the victim will then receive a fake message from the Metropolitan Manila Development Authority (MMDA), showing information such as the assigned plate number and the alleged traffic offense.


The victim is subsequently directed to a payment section wherein they are prompted to choose a payment option and input their financial information. Doing so will give the threat actors access to the user’s confidential information.
NCAP Suspended Since 2022
The DICT urged the public to disregard any messages from the threat actors, noting that the Supreme Court (SC) previously suspended the implementation of the No Contact Apprehension Policy on August 30, 2022 due to data privacy concerns.
“The public should disregard the said text message, as NCAP enforcement has been suspended since 2022 per the Metro Manila Development Authority (MMDA),”
-DICT
The LTO and MMDA also clarified that it is not in their policy to send violation notices through Short Message Service (SMS). According to MMDA Acting Chairman Don Artes, they are working closely with both the LTO and the Philippine National Police (PNP) to identify and apprehend the threat actors involved.
“We have no policy like this. The MMDA does not even send text messages about notice of traffic violation,”
-Don Artes, MMDA Acting Chairman
“The LTO does not send any notice of violations through this kind of system. This type of system no longer works and that is why any message you receive regarding this is a scam.”
-Atty. Vigor Mendoza, LTO Chief Assistant Secretary
PH Tops 2023 Financial Phishing Cases in SEA – Kaspersky
Cybersecurity company Kaspersky ranked the Philippines first in terms of financial-related phishing attempts in the Southeast Asia region in 2023. According to the report, the Philippines logged 163,279 financial phishing attempts in 2023, three times higher than the 52,914 cases in 2022.
Kaspersky Southeast Asia General Manager Yeo Siang notes that threat actors consider phishing a reliable method because of its success rate, which stems from most people's lack of cybersecurity awareness. Coupled with the use of generative Artificial Intelligence (AI) and various social engineering techniques, threat actors can compose convincing phishing messages that are often difficult to distinguish from legitimate ones.
“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack… Tools to help safeguard against human error are a vital step forward, but they can’t exclude employee education, skills development, and overall strengthening of the company’s ability to detect and respond to cyberattacks,”
Recommendations
With the rising cases of data breaches in the Philippines, threat actors likely already have access to sensitive information of individuals and organizations such as names, addresses, credit cards, and bank account details. PSA emphasizes the dangers of data breaches, as threat actors who have access to your information can use this as leverage to sound more convincing in their “phishing” attempts.
At the individual or employee level, PSA suggests considering the following recommendations to minimize your exposure to potential bank or other online-related financial cyber scams:
- Understand how potentially serious it is to have your phone, laptop, or any device stolen or hacked if you use them to access financial accounts. Make sure you can remotely wipe your phone or at least reset your financial account passwords if your phone is stolen.
- Don’t click on any links allegedly from your bank. Instead, go directly to your bank’s website through a search engine or through the bank’s app. Make sure you open the legitimate, official website, since in some instances victims also fall for phishing links and fake sites that were designed to look like the bank’s official website.
- If you receive a call from your bank regarding an allegedly compromised account, consider hanging up and calling the bank directly to verify that it is a legitimate security alert.
- If you receive a call from a bank or any person claiming to be from an organization, take note that threat actors may have information on you such as your name, phone number or address. They will use this information to sound “legitimate”.
- Never share your one-time PIN with anyone. If you start receiving one-time PIN SMS messages from your bank that you did not request, contact your bank and notify them that your account may have been compromised. Your bank won’t ask for your one-time PIN.
- If you suspect your bank account has been compromised or involved in a data breach, monitor your bank accounts for any unauthorized transactions.
- For those using online banking apps, make sure that you have downloaded your application from a legitimate app store.
- Make purchases online from reputable sellers and secure your payment methods. Some online scam incidents involve customers being overcharged through multiple payment methods.
- Use a well-respected password manager to store strong and unique passwords. Good password managers make it easy to create and store unique passwords in a secure fashion.
- Social media platforms like Facebook offer verified badges to indicate legitimacy. Make sure to check for such badges before conducting any business or transaction, especially with well-known companies. Alternatively, proceed with caution when using Facebook to make any sort of transaction.
- Be aware of fake websites that may appear real. These often use the same logo, colors, and layout to appear genuine. Oftentimes, these websites have spelling mistakes as well as an unusual URL.
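
Because the scam links differ from message to message, a blocklist of known-bad URLs will lag behind; checking each link's real hostname against the agencies' official domains does not. The following triage sketch is an added example (not from PSA, DICT, LTO or MMDA) covering both the scam flow described above and the "unusual URL" advice; the official domains `lto.gov.ph` and `mmda.gov.ph`, the lure terms, and all sample messages are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the agencies' official domains (not stated on the page).
OFFICIAL_DOMAINS = ("lto.gov.ph", "mmda.gov.ph")
# Lure terms drawn from the scam described above.
LURE = re.compile(r"\b(lto|mmda|ncap|traffic violation|plate number)\b", re.I)
# Full URLs, or bare hostnames with an optional path.
LINK = re.compile(r"https?://\S+|(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)

def link_host(link):
    """Return the hostname a client would connect to, lowercased."""
    link = link.rstrip(".,;:!?)")
    if "://" not in link:
        link = "http://" + link
    try:
        host = urlsplit(link).hostname or ""
    except ValueError:          # malformed authority, e.g. a stray '['
        return ""
    return host.rstrip(".").lower()

def is_official(host):
    # Exact match or true subdomain; a plain substring test would accept
    # hosts such as "lto.gov.ph.payments.example".
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def triage(sms):
    """Classify one SMS body; returns (verdict, unofficial_hosts)."""
    if not LURE.search(sms):
        return ("ignore", [])
    hosts = [link_host(l) for l in LINK.findall(sms)]
    if not hosts:
        return ("no-link", [])
    bad = [h for h in hosts if not is_official(h)]
    return ("likely-phishing", bad) if bad else ("official-link", [])

# Constructed sample messages (not real scam texts or real scam domains).
SAMPLES = [
    "LTO: You have an unsettled traffic violation. Settle now: https://lto-gov-ph.example/check",
    "MMDA NCAP notice: pay at lto.gov.ph.payments.example/ncap",
    "NCAP violation: https://lto.gov.ph@pay.example/fine",
    "Reminder from LTO: renew online at https://portal.lto.gov.ph/",
    "Your parcel is ready for pickup at the lobby.",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(triage(s), "<-", s)
```

An "official-link" verdict only means the link points at an official domain; per the LTO and MMDA statements above, a violation notice arriving by SMS should still be treated as a scam.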
