Cyberscam network dodges SIM card registration law

MANILA, Philippines – The August 1 raid on offshore gaming firm SA Rivendell Global Gaming found more than 28,000 SIM cards from various local and foreign telecommunication companies used for cyberscams. 

Probers also discovered that the firm had managed to register the numbers of unopened SIM cards – still in their packets – on social media messaging apps and platforms that they use to lure victims.

On Monday, August 7, the Department of Justice (DOJ) called a coordination meeting of law enforcement and prosecuting agencies for a case build-up. For the first time, the DOJ involved representatives of telecommunication network giants Smart and Globe. 

On the sidelines of that meeting, DOJ Assistant Secretary Mico Clavano said the telcos could help law enforcers find the mechanisms used by scammers and plug safeguard loopholes. 

“This is historic – the first time we have a case build-up with our partners in telcos,” Clavano said.

‘Sophisticated system’

Reports of victims from Europe, Australia, and Hong Kong falling prey to fraudulent cryptocurrency triggered the raid on SA Rivendell Global Gaming. The Chinese-run offshore gambling firm operates at the SKK Building in Pasay City.

“They have love scams, online betting, and cryptocurrency scams,” Clavano said.

The DOJ official said investigators checked around 7,000 SIM cards reflected on a computer system that used cards, mobile phones, multi-port GSM blaster machines, computers, and other electronic devices.

Using unopened SIM cards, he said scammers found a way to register these on many social media platforms such as WhatsApp, Viber, Instagram, Google, and YouTube.

“We want to know how they managed to do that,” he added.

President Ferdinand Marcos Jr. signed the SIM Card Registration Act on October 10 measure requiring Filipinos to register their SIM cards along with any government-issued identification document in an ambitious move to combat fraud.

The deadline for the registration of SIM cards existing when Marcos signed the law was on July 25. The consequence of failure to register is deactivation, which would also deprive the owner of access to many local e-commerce platforms and, in some cases, social media accounts.

Former president Rodrigo Duterte vetoed an initial version due to possible violation of constitutional rights. That version included the mandatory registration of social media accounts – which is no longer in the current version of the law.

Raiders also found unopened foreign SIM cards. 

Disturbing

The initial findings from the raid bolstered fears of SIM Card registration law opponents, who claim it poses risks to legitimate users’ personal details while not doing enough to stop scammers.

Clavano said they found “the backbone” of POGO operations.

A Filipino worker told Rappler on August 1 that they used company mobile phones to process accounts of citizens engaged in e-gaming.

Clavano, however, said that for scams, the firm used a transmitter that accommodates many SIM cards and blasts initial messages to get the interest of prospective victims. It is also used to process payments.

Gaming is the entry point. The Philippines allows e-gaming by companies registered with the Philippine Amusement and Gaming Corporation (PAGCOR).

Workers then engage unsuspecting “clients” in small talk, flirt, and establish a romantic relationship with them online, before pushing cryptocurrency “investments.”

Written guidelines instruct workers to “make him fall in love with you deeper.”

Inquest, suspension

Raiders found 644 workers of various nationalities, including Filipinos, handling the firm’s operations.

At least 84 Filipinos and 194 foreign national workers underwent inquest for violations of the Securities Regulation Code and violations of Chapter 2 Section 4 paragraph (b) of the Cybercrime Prevention Act of 2012.

Authorities released 365 Filipinos and one Malaysian national. They are holding three Chinese nationals thought to be supervisors.

The National Bureau of Investigation (NBI) said 61 Filipino workers stand as complainants, while 39 are witnesses.

PAGCOR issued a suspension order to SA Rivendell Global Support Inc. It said evidence indicate SA Rivendell’s involvement in scam operations.

It also cited irregularities in its operations, including advertisements on social media to recruit employees with experience in cryptocurrency trading, spamming, and luring clients using dating apps.

“Despite previous denials of involvement in cryptocurrency scam operations, the recent conduct of police operations in one of its registered sites, together with the pieces of evidence gathered, puts into question the integrity of their offshore gaming operations, and has serious implications as to SA Rivendell’s fitness to hold an accreditation,” PAGCOR stressed.

PAGCOR’s April 2023 list of offshore gaming licensees shows SA Rivendell has five businesses operating in Metro Manila.

Payment modes

Mariz, a customer service representative in one of the online gaming platforms, told Rappler they use company phones to talk to Filipino online players in monetary transactions from deposits to withdrawals via GCash. The local payment platform is linked to users’ cellphone numbers.

“We’re like a casino. We’re a platform for online games. Players create accounts on our website via their GCash,” she said. 

“These are Filipino players. We handle the mode of payment, in and out ‘yung pera (the money comes in and out). Deposit and withdrawal,” she added. 

But she acknowledged that the website offers a menu of payment options.

NBI officials told Rappler the firm’s computers showed it used a US-based company that offers businesses swift and fast processing for payments from debit and credit cards.

They also said the gaming firm uses the same company to process the GCash payments. Users verify transactions on their phones using the local OTP system, which provides one-time codes for security.

The NBI findings involved Room 310, where Mariz works. The Filipino worker told Rappler she had no inkling of any scam. – Rappler.com