The GCash hacking incident was caused by misclicks and phishing attempts. No funds were lost

Be careful of what you click!

Three days ago, GCash put itself under maintenance after users seemingly lost some funds over the app. This strange incident went viral on Twitter and some even reported that unauthorized banking transactions were made despite the fact that this required a One-Time Pin (OTP). This was resolved at 10 PM on May 9th. The funds were intact and were returned to their respective users. According to the company’s official statement, no hacking occurred.

While there was no hacking that occurred, the company did confirm a PHP37-million attempt that they immediately detected and stopped. This large amount was sourced from over 66 million GCash users that siphoned a few thousand pesos from their accounts.

MANILA  -GCash, the popular digital payments app of Globe Telecom Inc., foiled attempts by suspected hackers to siphon off millions of pesos from its clients after the company detected a pattern of relatively small withdrawals from multiple users sent to only two recipient accounts at another bank late Monday night.

The aggregate amount of suspicious transactions was initially estimated at P37 million, sourced from GCash users worth a few thousand pesos each.

“This was averted by GCash which immediately put a hold order on the transfers once the pattern was detected,” a ranking Globe official told the Inquirer.

The maintenance greatly affected users who rely on it to pay bills, transfer remittances, and do online shopping. The e-wallet saw a rise in usage during the pandemic when health and safety are of utmost concern. To this day, GCash is the most frequently used e-wallet due to its simple design and ease of use. Of course, competitors like Maya and AliPay continue to be used by many but GCash is the most familiar among users.

Globe, the owner of GCash, noticed that the funds are being directly transferred to two banks: Eastwest and Asia United Bank and decided to act immediately. While most services returned at 10 PM Tuesday, bank transactions did not. These suspicious transfers resulted in a freeze ordered by the two firms.

It was also cited that the foiled hacking originated from phishing attempts coming from websites dressed exactly to look like GCash as well as spam messages and suspicious emails. Non-tech-savvy users may find that these impostor websites are trustworthy due to the identical resemblance to the app.

Three days later on May 12th, the Department of Information and Communications Technology (DICT) got involved and performed its own investigation of the matter. Secretary Ivan John Uy would be leading this investigation after a “system glitch” was found on the app and there were user complaints received on different platforms.

GCash then posted a safety guide on how to avoid phishing attempts such as websites, links, and SMS messages. Remember to NEVER GIVE AWAY YOUR PERSONAL INFORMATION to anyone you don’t know. GCash will NEVER ask for any sensitive info such as emails, phone numbers, birthdays, or legal documents, outside of their app.

Phishing websites that are dressed to heavily resemble GCASH often require you to type in personal information such as your MPIN, a four-digit security code that you need to enter to access the app. Double-check links to see if they are legit. If it’s not associated with Globe, Mynt, or GCASH, better run away. Personal info needed by GCASH should only be availed through the company’s official app.

Finally, ensure that the sender is “GCASH” and not somebody else. This is a common tactic used by many scammers to siphon your information. Never click on links, even if you seemingly trust them unless it’s truly from GCASH or Globe.

Source: GCASH, ABS-CBN, Inquirer