Press "Enter" to skip to content

Posts tagged as “Cyber Security”

Reports – Philippines has the highest shopping scam rate in 11 Asian countries

A study by the Global Alliance Against Software Piracy (GASA) and Gogolook found that 35.9% of Filipinos have been victims of a shopping scam. This is the highest rate of any of the 11 Asian countries surveyed. The report was issued by the Office of CICC Executive Director Alexander K. Ramos and published on CICC website.

The 2023 Asia Scam Report released at the 1st Anti-Scam Asia Summit in Taipei was published by GASA and Gogolook and was based on data collected from nearly 20,000 respondents across 11 countries in Asia including the Philippines, Taiwan, Thailand, Japan, Korea, Malaysia, Hong Kong, Singapore, Vietnam, China and Indonesia.

The study revealed that Filipinos are particularly susceptible to scams involving fake sellers and phishing websites. These deceptive tactics lure unsuspecting individuals into purchasing fraudulent products or revealing sensitive personal information.

To combat this growing threat, the Cybercrime Investigation and Coordinating Center (CICC) is issuing a stern warning to the public, urging them to exercise extreme vigilance when engaging in online transactions. The CICC emphasizes the importance of adopting protective measures to safeguard against shopping scams.

CICC Executive Director Alexander K. Ramos reiterated his appeal to the public to be careful when they do their online shopping, especially during the yuletide season.

“Based on our observation, shopping scams usually increase during the Christmas season,” he said. “Scammers take advantage of the high volume of online shopping and people’s vulnerability during this period,” Ramos explained. The mindset and immediate response of Filipinos, when confronted with scams, make them vulnerable to falling into traps, according to Ramos.

“Some people easily believe in false promises even if they are too good to be true,” he said.

Based on the Asia Scam Report; 24.8% of Filipino victims respond too quickly to scammers’ demands and 21.1% of victims chose to take a risk despite uncertainty about the risk. Other reasons for vulnerability include being enticed with incentives and over-trusting with friends and family members.

Here are some tips that you can take to avoid falling for shopping scams:

  1. Shop from Reputable Websites: Patronize only established and trusted online retailers to minimize the risk of encountering fraudulent sellers.

  2. Exercise Caution with Links: Approach links embedded in emails or social media posts with skepticism. Avoid clicking on suspicious links, as they may lead to phishing websites designed to steal personal information.

  3. Protect Personal Information: Refrain from sharing sensitive details, such as passwords, credit card numbers, or home addresses, with anyone you don’t trust implicitly.

  4. Beware of Unrealistic Deals: Exercise discretion when encountering deals that appear too good to be true. Such offers often mask fraudulent schemes.

  5. Report Suspected Scams: If you suspect you’ve fallen victim to a shopping scam, promptly report the incident to the authorities.

Here are additional measures that you can take to protect yourself from scammers;

  1. Use secured payment method like credit cards or PayPal, which offer protection against fraudulent transactions.
  2. Make sure your devices and apps are up-to-date, including antivirus and anti-malware programs, to enhance your device’s security.
  3. Stay informed on current and emerging scam trends and tactics to remain vigilant against evolving threats.

DICT’s statement on the hacking and defacing of the House of Representative website

Department of Information and Communications Technology (DICT) just release an official statement regarding the defacing of the House of Representative (HoR) website.

This is the full text of DICT’s statement;

The Department of Information and Communications Technology (DICT) confirms that a cybersecurity incident involving the House of Representatives (HOR) website occurred on Sunday, 15 October 2023.

The HOR immediately put the website offline to prevent further unauthorized access and reported the incident to the DICT – Philippine National Computer Emergency Response Team (CERT-PH).

CERT-PH is conducting an investigation to determine if sensitive data has been exfiltrated by the threat actor.

Recommendations were likewise provided to the HOR IT Team to prevent future security breaches on their website.

The DICT informs the public that the HOR website shall be online soon with its security vulnerabilities already addressed.

The next stages of the investigation on the incident, which include threat actor attribution and case build-up, shall be pursued by the Cybercrime Investigation and Coordinating Center, in coordination with our law enforcement agencies.

The DICT reaffirms its commitment to be an active partner of government agencies as they fulfill the primary responsibility of safeguarding their own ICT systems and infrastructure against cyber threats.

By:

Renato A. Paraiso
Assistant Secretary for Legal Affairs
DICT Spokesperson
pio@dict.gov.ph

At the sametime, DICT also release a Tagalog version of their statement.

Yesterday, the website of the House of Representative (HoR) was hacked by the hacker group 3MUSKETEERZ, defacing it with the troll face meme captioned it “You’ve been hacked. Have a nice Day! Happy April Fullz Kahit October Palang! Fix your website.” and changed its content with the same messaging.

Website of House of Representative hacked by 3MUSKETEERZ

Website of House of Representative (Congress) have been hacked and defaced by 3MUSKETEERZ.

The group used troll face meme captioned it “You’ve been hacked. Have a nice Day! Happy April Fullz Kahit October Palang! Fix your website.” The group even changed its content with the same messaging.

The official X (twitter) account (@HouseofRepsPH) already release a statement and that they are currently working with Department of Information and Communications Technology (DICT), Cybercrime Investigation and Coordinating Center (CICC) and law enforcement agencies concerned to investigate the matter.

PRESS STATEMENT
Secretary General Reginald Velasco

We wish to inform the public that the official website of the House of Representatives experienced unauthorized access earlier today. Immediate steps have been taken to address the issue, and we are working closely with the Department of Information and Communications Technology (DICT), Cybercrime Investigation and Coordinating Center (CICC) and law enforcement agencies concerned to investigate the matter.

While we work to restore the website fully, we ask for patience and understanding. We are committed to ensure the security and integrity of our digital platforms, and we will implement additional measures to prevent such incidents in the future.

For the moment, we advise the public to be cautious of any suspicious emails or communications that claim to be from the House of Representatives.

We will keep the public updated as more information becomes available.

As of this posting, the website is currently offline and accessing the website http://www.congress.gov.ph/ will just give you the standard “This site can’t be reached” message.

NPC launches “Na-leak ba ang PhilHealth Data ko?” Portal

In the wake of the PhilHealth Hacking, Philippines’ National Privacy Commission (NPC) launches the “Na-leak ba ang PhilHealth Data ko? Portal. The “Na-leak ba ang PhilHealth Data ko? Portal is a tool to check if your personal data is included in the PhilHealth cyberattack last Sept 22.

NPC explained that “Na-leak ba ang PhilHealth Data ko? Portal is a “simplified database search portal designed to help individuals verify the status of their personal information in light of the recent incident involving the Philippine Health Insurance Corporation (PhilHealth) database, purportedly exfiltrated by the Medusa Ransomware Group, and posted online on October 5, 2023. As of October 13, 2023, the initial batch of data available on the portal pertains to individuals aged 60 years and above, containing an estimated 1 million records out of 8.5 million senior citizens.”

To access the “Na-leak ba ang PhilHealth Data ko? database search tool, visit: https://philhealthleak.privacy.gov.ph, then just provide your PhilHealth Identification Number (PIN) to know if you are part of the leaked database.

DICT official statement on PhilHealth Ransomware Attack

Following the PhilHealth ransomware attack last September 22, 2023, Department of Information and Communications Technology (DICT) has released an official statement.

Here’s the full text of DICT’s statement;

The Department of Information and Communications Technology (DICT), through its Cybersecurity Bureau, proactively responded to address a ransomware attack that targeted the Philippine Health Insurance Corporation (PhilHealth) last September 22, 2023.

Upon learning of the breach, the DICT Cybersecurity Bureau’s National Computer Emergency Response Team (NCERT) went to PhilHealth Head Office and implemented critical security measures which included the disconnection of workstations from the network, prompt coordination with PhilHealth to gauge the extent of the attack, and collection of relevant logs for thorough analysis.

As of September 25, 2023, PhilHealth’s critical web services are only accessible via their IP addresses and currently ongoing comprehensive security scanning. Efforts to restore the functionality of PhilHealth’s DNS server are underway.

The DICT condemns the ransomware attack carried out against PhilHealth in an attempt to illegally access the information of its members. We shall continue to investigate and monitor the acquired logs from PhilHealth’s affected systems. An extensive checklist has been prepared by the DICT to benchmark PhilHealth’s readiness to get their systems online.

The DICT is committed to ensuring the full restoration of security and stability in PhilHealth systems and to safeguarding government systems and infrastructure from malicious cyber threats.

PhilHealth hit by ransomware, Hackers demands $300,000.00

On September 22, 2023, the Philippine Health Insurance Corporation (PhilHealth) was hit by a ransomware attack. The attack was carried out by the Medusa ransomware group, which encrypts files and demands a ransom payment for the decryption key. The hackers responsible for the attack have demanded a ransom of $300,000 or approximately P17 million as payment to decrypt the files.

PhilHealth detected the attack early on Friday and immediately shut down all of its online systems, including its website, portals, and e-claims. The agency is currently working with the Department of Information and Communications Technology (DICT) and other government agencies to investigate the incident and restore its systems.

In a statement, PhilHealth assured the public and its members that their personal and medical information was not compromised or leaked in the attack. However, the attack did disrupt the agency’s operations and caused some inconvenience to its members.

On September 25, PhilHealth announced they are working to restore all of its systems and that its members could now avail of its benefits again. The agency also said that it was implementing additional security measures to prevent future attacks.

Discord.io suffers data breached and will shutdown the service

Discord.io, a third-party service that enables owners of Discord servers to create customized, personal Discord invites, has announced that it would shut down until further notice following a “major data breach” from “unknown actors” on Monday evening.

The breach has affected 760,000 users and the stolen information could include your discord.io username and your Discord ID, your email-address, your billing address, and a salted and hashed password if you signed up in 2018 or earlier.

Payment details are said to be safe because all payments are processed through PayPal and Stripe and the company does not store any payment information on their servers, and this information was not leaked, the company said in an article posted on their website.

Discord.io has confirmed the authenticity of the breach, by an entity acting under the name “Akhirah.” It is important to know that Discord.com is not affiliated with discord.io, a spokesperson from Discord told Stackdiary, “Discord is not affiliated with Discord.io. We do not share any user information with Discord.io directly and we do not have access to or control of information in Discord.io’s custody.”

Discord has revoked the oauth authentication tokens for any Discord user that has used Discord.io, so that app can no longer perform actions on behalf of those users until they re-authenticate3. Affected Discord users should change their passwords and enable multi-factor authentication (MFA).

You can read the full statement of Discord.io on their website – Discord.io has suffered a data breach.

The website’s official twitter also encourages users to directly contact their support team, in connection of the breached.