The SIM Card Registration Act, signed into law in 2022, was supposed to solve a growing problem: anonymous text scams and mobile fraud. Filipinos were told that requiring every SIM to be registered under a verified identity would cut off cybercriminals at the source. By the end of 2023, over 54 million unregistered SIMs were deactivated — a dramatic move by any standard.
Despite this massive effort, spam texts, spoofed sender IDs, and even SIM hijacking haven’t gone away. In fact, some users believe the spam got worse after they registered. So, what went wrong — and has anything actually improved?
The Reality: Spam Still Gets Through
Months after the law took full effect, users on Reddit and other platforms started sharing the same story: scam texts didn’t stop. A Reddit user on r/Philippines said they received “an influx of text/phone scams every single day” right after registering their SIM. Another, who just activated a Smart eSIM, received scam messages within two days of going live.
This isn’t just anecdotal. According to multiple reports, the National Telecommunications Commission (NTC) and local telcos like Globe and Smart continue to track thousands of fraudulent text messages per day. While registration helps identify SIM holders after a crime has happened, it does little to prevent scams from reaching users in the first place.
The Rise of Spoofing and Cell Tower Hijacking
The more pressing issue is how scammers have adapted. Instead of using registered SIMs, fraudsters now turn to spoofing and hijacking — tactics that bypass SIM verification altogether.
Spoofing allows scammers to send messages appearing to come from trusted sender names like “GLOBE” or “8080.” They do this using IMSI catchers, also known as fake cell towers, that trick nearby phones into connecting through a compromised channel. These devices downgrade phones to vulnerable 2G networks, allowing attackers to send spam or extract data without passing through telco filters.
Senator Mark Villar called for a Senate investigation into how IMSI catchers continue to enter the country. Globe, for its part, has echoed the need for stricter border checks and legislative controls over this kind of equipment. Without such measures, SIM registration becomes ineffective against more sophisticated attacks.
Pushes for Reform
Senator Sherwin Gatchalian has introduced a bill proposing face-to-face SIM registration, a limit on the number of SIMs per person, and a total ban on marketing-related text blasts. His proposal also includes increasing penalties for telcos that fail to curb scam messages.
The senator says he continues to receive spam despite registering properly. He believes that gaps in implementation and tech loopholes make the current law toothless.
Gatchalian also pointed out that existing ID verification processes are easily abused. Scammers can upload fake IDs or use synthetic identities during online registration, making tracking pointless when it really matters.
Not Just a Legal Problem — A Tech Arms Race
Security experts believe more proactive measures are needed. Aside from closing the policy gaps, telcos must also update their filtering technologies, switch off 2G network access, and integrate AI-driven scam detection. Without cutting off legacy vulnerabilities, SIM registration remains only part of the solution.
Even the Department of Information and Communications Technology (DICT) admits that technology-neutral regulations may not keep pace with evolving threats. While millions of fake or unregistered numbers were wiped off the network, newer fraud techniques sidestep SIM identity entirely.
SIM registration was never going to be a silver bullet. It offered the government and telcos a way to trace perpetrators after crimes are committed, but it hasn’t stopped scams before they happen. Spoofing, hijacking, and exploitative tech tools have taken the place of burner SIMs. Meanwhile, users still receive the same fake promo messages, investment schemes, and phishing attempts as before.
If the goal was deterrence, then enforcement must be paired with proactive protection. Blocking device-level threats like IMSI catchers, upgrading network filters, and holding telcos accountable for fake registrations are steps we haven’t fully taken.
So We Ask: If SIM registration was meant to protect users, why are scammers still one step ahead?
Discover more from WalasTech
Subscribe to get the latest posts sent to your email.
