Cybersecurity firm warns: SIM card registration heightens privacy risks

CEBU, Philippines — Cybersecurity and digital privacy company Kaspersky urged Filipinos to be mindful of securing their data following the release of the implementing rules and regulations of the SIM Card Registration Act by the National Telecommunications Commission (NTC).

In a statement, Kaspersky's general manager for Southeast Asia Yeo Siang Tiong warned Filipino mobile users that while the new regulation is good, it also has privacy risks, which is considered a major concern.

According to Kaspersky, for a cybercriminal having a potential victim’s phone number significantly increases the opportunity of a successful attack, since most online services require entering a phone number along with other personal data.

“Doxing, cyberbullying, blackmailing and extortion are among the potential cyber threats victims might face,” warned Kaspersky.

The NTC just announced that the registration of new and existing SIM cards will start on December 27.

According to the IRR of the SIM Registration Law, mobile users in the country are required to input their personal information such as full name, birthday, sex, recent or official address, identification card, and ID number during the registration process.

Once this data ends up in untrustworthy hands, fraudsters might launch various types of phishing attacks from spam calls to voice phishing. Kaspersky describes phishing as a form of cybercrime that involves stealing confidential data from a person's device and using the same data to steal their money.

Thereby, Kaspersky is reminding Filipinos to be vigilant in securing their data against possible phishing attacks.

To stay safe against fraudsters, Kaspersky recommended that those who will register their SIM cards should visit and use links to official websites/platforms only. Mobile operators in the Philippines have announced that they will launch their online SIM registration platforms.

Kaspersky also warned that registrants should check each link and email carefully. When one receives an email, “don’t rush to reply or follow instructions. The first thing you should do is look for telltale signs of phishing such as mistakes, typos, and strange characters in the text as well as inconsistent sender address.”

Additionally, Kaspersky reminded subscribers to check the links in the email if it contains them or the website they lead to. “You can check a link by hovering your cursor over it and reading the address carefully.”

Cybercriminals bet on victims who do not pay enough attention to detect slight changes made to the names of well-known companies or brands like sumsung.com or qoogle.com, among others.

Lastly, Kaspersky recommended using reliable security protection on devices. “It's hard to be on the constant lookout for red flags and to check every single address, link, and so on. But it’s a task you can automate, and you can rely on security solutions to protect you against phishing.”

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise are constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments, and consumers around the globe.

The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and it helps 240,000 corporate clients protect what matters most to them.