Subscribe to our newsletter!
Editing by Nathaniel Cajuday
- GCash confirmed that it has stopped an attempted cybertheft that aimed to steal ₱37 million.
- The incident was not a result of hacking but of phishing, according to GCash representatives.
- A congressional inquiry has been called for by a representative in the House of Representatives into the attempted hack of GCash and the unauthorized withdrawal and restoration of account holders’ funds.
Following the recent in-app issues regarding the users’ loss of funds, fintech firm GCash reportedly announced that they have stopped the cybertheft that attempted to steal ₱37 million-worth of digital money. The e-wallet provider also assured that the prior stolen GCash will be refunded to the affected users.
During the GCash FutureCast 2023, GCash CEO Martha Sazon stated that the e-wallet currently has more than 77 million users in the country—about 70% of the total population.
GCash: No Hacking Incident
Although funds disappeared without a trace, GCash stated that the recent incident is not a product of hacking—which was assumed by most users—but a product of phishing.
As per reports, GCash unveiled that they have stopped a potential theft after noticing a pattern of small withdrawals from multiple users being sent to only two recipient accounts at another bank.
According to a GCash representative, the attempted heist was averted by the firm as soon as they detected the pattern the fraudsters used to transfer funds. To address this, the representative told Inquirer that they “immediately put a hold order on the transfers”.
“It’s not a case of hacking in that sense,” the official stated.
Solons Urged GCash to Explain
On Wednesday, May 10, a resolution was filed by Bagong Henerasyon party-list representative Bernadette Herrera in the House of Representatives, calling for a congressional inquiry into the attempted hack of GCash and the unauthorized withdrawal and restoration of account holders’ funds.
The representative expressed dissatisfaction with the announcements and statements made by financial institutions involved and noted inconsistencies in the statements issued by GCash.
Additionally, the representative called for input from the Bangko Sentral ng Pilipinas and the NBI Cybercrime.
If no hacking happened, then what really happened?
Gilda Maquilan, GCash vice president for corporate communications, told ABS-CBN News Channel (ANC) that the transfers appeared to be genuine at first but were later suspected to have been authorized by the hackers using data obtained from users through phishing methods.
The first explained that they were examining the actions of the fraudster when they discovered that the individual had sent out a link to multiple users. If a user clicked on the link, they would be asked to link a device, which allowed the fraudster to phish information from GCash patrons.
“When they were able to access the link, information from their device were phished. ‘Yun ‘yung phishing natin. Any activities from then on, nakikita ng ating mga fraudster. Ang ginawa niya, he requested to link a device,” Macquilan disclosed.
Through the scheme, the fraudster was able to acquire the necessary information to login into an account. The process for accessing GCash typically involves linking a device and entering a personal identification number (MPIN) and a one-time password (OTP); once this process is complete, the user can make transactions.
GCash’s Solution: Refund
By 4:00 p.m. Tuesday, May 9, GCash announced that all funds belonging to users affected by the unauthorized transaction reports have been returned.
“Rest assured, your funds are intact, safe, and secure with GCash. Our proactive cybersecurity policies are in place to protect our customers as the safety and security of your account is our top priority,” GCash stated.
To answer the inquiries regarding their statement that were no funds lost, Macquilan stated that the report that no funds were lost is accurate because the funds were traced and found to be intact with their partners.
“It was intact doon sa partners natin. Because of our safety protocol and coordination with the bank, naibalik ‘yan. ‘Yun po ‘yung meaning namin na (That’s what we mean by) the money was intact,” she explained.
AUB and EWB Statements
Asia United Bank (AUB) and EastWest Bank (EWB), the two banks linked to unauthorized fund transfers, also released their own statements addressing the issue.
After receiving the alert from GCash on May 8 regarding certain transactions involving the transfer of funds via InstaPay to an AUB account. AUB promptly took action by temporarily freezing the account. The bank has stated that it is cooperating with GCash to resolve the matter.
EWB also stated that it was collaborating with authorities after one of its accounts was identified as the recipient of unauthorized cash transfers from GCash wallet users.
This article is published on BitPinas: GCash Foils ₱37M Theft, Says Funds Lost Due to Phishing, Not Hacking
Disclaimer: BitPinas articles and its external content are not financial advice. The team serves to deliver independent, unbiased news to provide information for Philippine-crypto and beyond.