QCPD Anti-Cybercrime Team - ACT

Hindi na ako mahahack kasi napanood ko na ito!
Like and share mo din para di na mahack mga kaibigan at mahal mo sa buhay 👍

Cybercrime Prevention and Awareness Video "Serye" : Episode 1 - Hacking Panuorin at matutunan ang panganib na dulot ng Hacking at alamin ang mga paraan kung paano makaiwas dito.I-like at i-share sa mga mahal sa buhay upang mailig...

Prevention and Awareness Info Graphics
Grooming

Do not send sensitive information, especially n**e photos or videos, to anyone you just met online. There is a high probability that the hot guy or girl in the profile picture is not the real person behind the account. Anyone can be anyone on the internet and those who easily believe usually end up as victims of various types of cybercrimes.

In this case, 2 female victims (one minor) fell under the spell of a criminal who copied an account of another person and disguised himself as a young handsome guy. After gaining trust that eventually led to online relationships, suspect was able to request n**e photos which the victims gave thinking that they were in a relationship with a guy with pleasing personality.

After sending the n**e photos, the suspect then threatened and coerced the victims to meet up and have sexual in*******se with them or else he will upload their sensitive pictures online and send it to their relatives. Emotionally and psychologically disturbed, victims sought the assistance of Quezon City District Anti-Cybercrime Team (QC-DACT) which eventually led to the arrest of the suspect.
-DACT

Lalaki arestado sa 'online grooming' sa Quezon City | TV Patrol Natimbog ng mga awtoridad ang isang lalaking gumagamit ng larawan ng iba sa Facebook profile at nananakot sa mga biktimang babae na ikakalat ang mga hubad na...

Beware of Vehicle License-Plate Theft.

"I received a bomb threat message! What should I do?"

Bad people with real motive to injure or kill others usually do not inform their targets or victims to ensure the success of their attacks with maximum damage. It has been observed that bomb threat messages being circulated in social media are usually found to be hoax after the conduct of investigations. Some of the said messages are even being recycled and reposted through the years.

These kinds of concerning messages are still not being taken lightly by the PNP and other law enforcement agencies as the safety and well being of every Filipino citizen is paramount. All kinds of bomb threat messages are being attended with utmost importance.

If you ever receive similar kinds of bomb threat messages, either directed to you personally, against your organization or a warning from a friend, it is important to stay clam, immediately call the attention of authorities, and do not share the same message to stop the further dissemination of fear and panic to your friends and the public.

Please be guided by the step actions that you should undertake below.

"Beware of Hotel Scam!"

This video warns people on the modus of criminals randomly calling hotel room guests disguised as hotel employees taking care of their billing. Hotel guests are told that their credit cards had some problem and they will need details to fix the problem. Credit card information are being requested including account names, numbers, security codes, and even pins. Once given by victims, unaware of the modus, their credit card accounts are already compromised. A very simple and effortless scheme yet can victimize many!

Be aware!
Do not be a victim of Cybercrime!

Be Careful Of This New Hotel Scam When You Are Checking Into Your Hotel Be Careful Of This New Hotel Scam When You Are Checking Into Your Hotel New hotel scam that you need to be aware of. Please take this very seriously as its a...

MY ONLINE ACCOUNT WAS HACKED!

These are the words that we usually hear from victims who can no longer access their online accounts after being taken over by unknown individuals we famously referred to as “hackers”. Hacking techniques nowadays are Google search away for anyone to master, thus, many online accounts are getting compromised on a global scale.

The PNP Anti-Cybercrime Group investigated a total of Four hundred forty-seven (477) hacking cases from March 2013 to November 2018, while the Quezon City District Anti-Cybercrime Team (QCDACT) received Sixteen (16) Hacking complaints and the Cyber Patrollers monitored Sixty-two (62) Hacking incidents from April to December 2018 alone. This does not reflect all hacking incidents in the country since many were not reported to authorities.

Cybercriminals will never use their identity to commit cybercrimes that is why they prefer other person’s identity as fall guy who will be reported and hunted by their victims and investigated by authorities. Hacked accounts have the best credibility wherein many people, especially friends and relatives, would likely to believe in and comply with requests.

In Facebook account hacking cases, victim testimonies are almost similar wherein they received a link (phishing link) from a stranger or a Facebook friend (mostly hacked account as well) and asking for favor. The cover story varies, such as earning online game points, competitions, promos, etc., but they always require victims to click on the link and log-in your account details (username and password) to comply with their request. The link will redirect you to a seemingly legitimate page however, unknown to many, it is a fake or cloned FB Page. When you log-in in that site, your username and password will immediately be sent to the hacker and the next thing you know, your account has been taken over. You can try to re-login but the password has been changed instantly.

The hackers can do the following once they have taken over an online account:

1) Exploit contents, especially private chat groups, which can have sensitive information, photos, videos, or files that usually lead to extortion.

2) Assume your identity to ask for money, favor, or consideration from relatives and friends.

3) Post libelous, threatening, or harassment messages to anyone wherein the victim will take the blame and face investigation.

4) Discover other details linked to the compromised account that the hacker can further exploit such as bank records and other financial documents.

5) If subscribed to online payment services, hacker can withdraw, send money, or order via online shopping that will drain your virtual money.

6) Sell your account to other hackers who can do much more damage to your identity and especially to other people.

7) And anything beyond the wildest imagination of the hacker.

Hacking is punishable under Section 4(a) under Republic Act 10175 or the Cybercrime Prevention Act of 2012 which specifies offenses against the Confidentiality, Integrity and Availability of computer data and systems. Any person found guilty of any of the punishable acts enumerated in Sections 4(a) of this Act shall be punished with imprisonment of Prision Mayor or a fine of at least Two hundred thousand pesos (PhP200,000.00) up to a maximum amount commensurate to the damage incurred or both. However, if the act is committed against critical infrastructure, the penalty of reclusion temporal or a fine of at least Five hundred thousand pesos (PhP500,000.00) up to maximum amount commensurate to the damage incurred or both, shall be imposed.

Is my online account hacked?

Some people may not even know that their accounts were already hacked or being used by other people without their permission. Here are some of the indications that your account may have been compromised according to Facebook:

• Your email or password have changed
• Your name or birthday have changed
• Friend requests have been sent to people you don't know
• Messages have been sent that you didn't write
• Posts have been made that you didn't create

Tip: Facebook has an online recovery page for hacked accounts. In case you encountered this problem, immediately visit this page:

https://www.facebook.com/hacked

In this page, Facebook will try to confirm your identity by asking questions that you can answer being the legitimate owner including emails, old password before it was changed by the hacker, and other details. There is a huge chance you can still recover your account if you immediately report it so make sure to inform your friends as well. Not only they will be aware of the incident and save them from being victims of the hacker, but also will help you to report your hacked account for the immediate attention of Facebook.

So how can we fortify our online account against hacking?

Legitimate web based companies, including emails, online storage, social media networks, and other online services are doing their best to protect the privacy of their clients. They implement security measures that can be used to strengthen security of online accounts. One of the best security features that can be adapted is the 2-step authentication feature for an additional log-in security measure.

2-Step Authentication can save you if you happen to click on that very pleasing link and logged-in to a fake or cloned website (phishing website). The hacker can steal your username and password however the account service that you are subscribed in, such as Facebook, Google, Yahoo, etc., will send a code to the phone number or other recovery email that you provided to authenticate from a device you personally have. With this method, the online account services can verify if you are indeed the person trying to access your account.

Unfortunately, all victims that were interviewed stated that they have not activated the 2-Step authentication feature of their online accounts. It was an easy job for the hacker since no secondary authentication was required. It is important for you to use at least 2 or more authentication accounts options (numbers, emails, friend’s account, generated codes, etc) so that you can still recover even if your phone number gets lost or stolen.

Aside from 2-step authentication, here are other tips to secure your online accounts:

1. Use complicated passwords that cannot be easily guessed by other people but easy for you to remember. Longer passwords are always better especially if coupled with numbers and special characters.

2. Write your passwords down in a secured notepad (offline) as it can be surely forgotten over time. You need to re-enter your passwords if you need to update account information or verify identity. It will be a sure headache if you cannot access your own account not because you were hacked, but you simply forgot your own password.

3. Use different passwords for different accounts. If you use the same passwords for all, then it will only take one compromised account for the hackers to access all of your accounts.

4. Periodically check your log-in activities to know if your account is being accessed from other devices or locations. Immediately log-out other devices that you do not recognize and change password to deprive people who should not be snooping around your account.

5. Always verify if you are logging in a secure websites by checking the URL or link address bar of the browser. Legitimate and secure websites such as Facebook and Google has “https” usually indicating the domain name (ex. https://facebook.com/). If you see a Facebook or Google login-Page with “http” only (without “s”) that is a Phishing websites and you should never log-in.

6. The login-in interface of any website can be copied by hackers and trick victims to enter their credentials. Always visually check link addresses on the web browser because characters can be substituted to make it appear as a legitimate website (ex. i to I or O to 0) which can be easily missed without scrutinizing.

Many people do not avail or overlook such security precautions because they either do not know that it exist, they knew about it but they think it’s too complicated, or just being careless or worse, too lazy to secure their own online accounts. Many people think that there is no need for those hassles because hackers can’t get anything from their account, without realizing that their very identity is a gold mine for people with criminal intentions.

So please take the necessary security steps while subscribing into online services. These companies are doing most of the heavy lifting making sure that they provide us with safe, convenient and enjoyable experience. What we can do the very least is to use them responsibly, securely, and be aware of the dangers and consequences of having unsecured online accounts that can be hacked.

We wish you a Merry Christmas, Peaceful New Year, and a Cybercrime-Free 2019!!!

Leaked Private Chat Communication!

Chat apps are so common today being used as our daily communication platform to connect and share information to others. We don't even need load as long as you keep your data turned on, you can communicate text messages freely. If a group of like-minded people with common interest meet for a considerable period of time such as seminars and trainings, a group chat is likely to be created wherein they can stay connected and maintain an open communication. Some are for long term for close acquaintances such as class members, clans, company employees, etc, however, many are just for initial coordinations but eventually becomes dormant.

Either way, people can get comfortable in sharing information such as personal photos, videos, opinions, and other forms of posts of responses via this channel expectating that everything we comment, post, or share will be kept confidential to members only. Until someone's account got hacked or a member decided to take a screenshot of a private information shared in confidence by other member and post it in another chat group, or worse, in a public social media account.

Once a private comment, photos, or files, hits the open internet environment and attracts audience, it will be hard or even impossible to remove. Viewers can download what they can see and reupload even the original post was removed.

So always make sure to think long term on any post (comment, pictures, videos, files, etc) before you share it to anyone on any online platform either private or public.

If you have to post something on social media, no matter how personal, harmless or innocent it can be, do not expect all people that can see it will like or agree. Even you closest friend or relatives may have different impression or opinion and people who don't personally know you may have different interpretation and worse may not show any respect.

Especially if we are posting opinions in any subject matter or issues, things can get out of hand. People can respond inappropriately without regard to anyone's freedom of expression that we are all entitled to. If you have to post it publicly, as long as you are not violating any law, ethical standards or moral values, then you need not to worry at all. Just be brave and prepared to receive and accept all forms of responses and consequences.

So think very carefully on your next posting or upload that others can see. As much as possible, keep private and personal information to your trusted people only so that you won't have to worry about other's negative opinions or violent reactions.

A Case of Stolen Unsecured Cellphone that led to Robbery Extortion, Identity Theft, and Illegal Access (Hacking).

One evening, Mam Lita (not her real name) was robbed by a suspect forcibly taking her cellphone while walking in the street. Unfortunately her cellphone's auto locking feature was not set prior to the incident leaving her phone exposed. Like most of us, she has logged-in online accounts particulary social media and even shared the device to her husband who also logged his personal account.

Expectedly, the robber messed with the unsecured phone and started to message victim's friends and relatives asking for money while disguised as the real owner. The suspect further threatened Mam Lita, including her husband and son, that he will use their personal accounts to send malicious, libelous, sensual, and threatening messages to friends, relatives, and organizations, if they will not give him money, in which the suspect did.

Further extortion of the suspect led to his arrest after the Personnel Quezon City District Anti-Cybercrime Team (QCDACT) conducted an entrapment operation acting upon the report of the three (3) victims. All of them are now under attack by their relatives, friends and organizations whom the suspect victimized, intimidated, and angered using their personal social media accounts. The suspect returned the stolen cellphone however victims pursued the case due to the trauma and damage that the suspect had caused to their family.

The Suspect is under detention as of this time of reporting charged with Robbery Extortion, Online Identity Theft, and Illegal Access (Hacking).

Lessons Learned:
- Always keep vigilant and aware of your belongings and surroundings especially during night time.
- Make sure to activate your phones auto locking feature. If the phone was locked before the robbing incident, suspect could have a hard time or more likely unable to mess with the contents of your phone.
- Make sure your smartphones are always updated with the latest Operating System patch to avoid the cracking and by pass capability of some savvy cellphone technicians.
- Should the same incident happen to you, immediately report your logged in social media and other online accounts to the service provider to deactivate or change user credentials to deprive the robber who will likely abuse your online identity.
- Report the incident to the nearest Police Station for incident recording and appropriate Police response.

Like and Share our Page for more true story-based Cybercrime Prevention and Awareness tips.