Globe Telecom expanded anti-fraud defenses to counter illegal IMSI catchers and sophisticated phishing tactics that bypass SMS-based security controls, according to the company’s July 12 announcement, marking a shift from single-channel protections to network-wide threat intelligence as scammers migrate away from spoofed text messages toward fake cellular towers that intercept device connections.
TL;DR: Globe Telecom deployed multi-layered defenses including IMSI catcher detection and threat intelligence sharing with financial institutions and law enforcement as scammers shift from spoofed SMS to fake cell towers that bypass conventional security controls.
The telco outlined the security expansion in a statement published July 12, with Garrett Silao, chief information security officer at Globe, stating that scammers continuously adapt tactics as the industry strengthens controls against specific attack types. “This is why anti-scam efforts cannot rely on a single solution,” Silao said. “It requires continuous innovation, collaboration and public awareness.”

IMSI Catchers Bypass Traditional SMS Protections
IMSI catchers—illegal devices that masquerade as legitimate cellular towers—trick nearby mobile devices into connecting to fraudulent infrastructure by broadcasting stronger signals than authentic base stations, according to Globe’s technical description. Unlike spoofed SMS messages that originate within messaging systems, IMSI catchers exploit cellular network protocols by forcing automatic device connections that bypass security controls deployed at the messaging layer.
The technology represents an escalation in scammer capabilities as telcos have progressively hardened defenses against SMS-based fraud. Globe deployed enterprise sender ID verification, malicious link blocking, SIM box detection systems, and network analytics to identify suspicious messaging activity over recent years, reducing traditional text-message scams that previously reached millions of subscribers. Fraudsters responded by adopting network-level attack vectors that operate below application-layer protections.
Multi-Layered Defense Architecture Combines Network and Threat Intelligence
Globe’s expanded approach layers network protection with real-time threat intelligence sharing across financial institutions, government agencies, and law enforcement, according to the company’s statement. The telco secures legitimate enterprise messaging channels through sender authentication, proactively blocks known phishing websites at the network edge, and correlates suspicious activity patterns across systems to detect emerging attack campaigns before they scale.
The carrier operates network analytics infrastructure that monitors for anomalous connection patterns, unusual traffic volumes, and geographic clustering of suspicious activity—all indicators of coordinated fraud operations. Globe shares threat indicators with banking partners and regulatory authorities to enable faster response when scammers attempt to migrate from blocked channels to alternative attack vectors.
Enterprise IT managers evaluating carrier security posture for business deployments can assess Fortinet security solutions integrated at the network perimeter to complement telco-level protections with enterprise-grade threat detection and response capabilities.
Consumer Protection Extends Beyond Technical Safeguards
Globe expanded customer-facing protections through the Go Safe with Globe initiative and Scam Shield feature within the GlobeOne mobile app, according to the company. The telco publishes customer advisories documenting active scam campaigns and runs digital literacy campaigns equipping subscribers to recognize social engineering tactics, urgent payment requests, and credential phishing attempts before financial damage occurs.
“Technology plays a critical role in protecting customers, but awareness is equally important,” Silao stated in the announcement. “The more informed people are about how scams work, the more difficult it becomes for fraudsters to succeed.” The company encourages subscribers to report suspicious messages and calls through official channels to feed threat intelligence systems that identify emerging attack patterns.
The escalation in AI-driven cyberattacks documented by security researchers earlier this year has intensified the need for layered defenses that combine automated threat detection with human awareness training across both consumer and enterprise deployments.
Industry Collaboration Required for Effective Fraud Prevention
Globe coordinates anti-fraud efforts with enterprise partners, financial institutions, and government agencies to close gaps that scammers exploit when transitioning between platforms and attack vectors, according to the statement. The telco shares threat intelligence with law enforcement to support criminal investigations and works with financial services providers to validate legitimate transaction notification channels versus spoofed sender identities.
The multi-stakeholder approach recognizes that scammers operate across interconnected systems—from telecommunications networks to banking platforms to social media channels—requiring coordinated defenses that extend beyond any single organization’s infrastructure perimeter. Philippine enterprises evaluating session border controllers for VoIP deployments can implement similar multi-layered security that validates calling party identity and blocks fraudulent caller ID spoofing at the network edge.

Context and Outlook
Globe’s security expansion reflects a broader shift across Philippine telecommunications as carriers respond to increasingly sophisticated fraud operations that adapt faster than traditional security update cycles. The move from SMS-based scams to network-level attacks using IMSI catchers demonstrates how cybercriminals invest in technical capabilities that exploit infrastructure vulnerabilities rather than rely solely on social engineering delivered through application channels.
For Philippine IT managers evaluating carrier reliability and security posture, the presence of network-level threat detection and cross-industry intelligence sharing represents a more mature security architecture than point solutions deployed at individual service layers. Organizations deploying business-critical communications infrastructure should verify that carrier partners maintain active threat intelligence feeds, coordinate with law enforcement and financial institutions, and operate security operations centers with real-time anomaly detection across network traffic patterns.
The ongoing cat-and-mouse dynamic between security controls and attacker innovation means that anti-fraud defenses require continuous investment rather than one-time deployments. Enterprises can complement carrier-level protections with enterprise VoIP security measures that validate calling party identity, implement allowlist-based call routing, and maintain audit logs of suspicious connection attempts for correlation with broader threat intelligence.



