GCash, CICC block over 3,200 illicit merchants

Mobile wallet GCash and the Cybercrime Investigation and Coordinating Center (CICC) have blocked over 3,200 merchants found to be connected with illicit activities such as illegal online gambling operations since 2025. 

“By proactively blocking unauthorized actors and reporting them to our regulators and authorities, we are helping protect Filipinos and maintain trust in the country’s digital financial ecosystem,” said Miguel Geronilla, Chief Information and Security Officer of G-Xchange Inc. (GCash).

GCash said it is working with CICC and the Philippine National Police (PNP) Anti-Cybercrime Group (ACG) to flag and suspend entities attempting to misuse the mobile payment app and QRPh without authorization, as well as those masking as QRPh which could lead to unauthorized transactions.

The mobile wallet said it uses proactive monitoring to identify and disable these connections, reporting the sites to regulators and the CICC to support government enforcement.

GCash has implemented several safeguards to maintain service integrity such as:

• Proactive Monitoring: Systems to detect unauthorized merchant activity.
• Account Suspension: Immediate disabling of links to fraudulent operations.
• Regulatory Compliance: Reporting suspicious transactions to the Anti-Money Laundering Council (AMLC) and CICC.

The mobile wallet also cited deceptive tactics used by illegal merchants and scammers to mislead customers into sending payments to unauthorized accounts, including the following:

• QR masking where seemingly legitimate QR codes redirect payments to a different or personal account. 
• Creating fake payment pages or merchant accounts that imitate legitimate businesses.
• Impersonation of the GCash payment page, where scammers create fake pages designed to look like the official GCash interface to deceive customers and collect unauthorized payments.

“These tactics can expose users to financial losses, scams, and unauthorized transactions,” GCash said.

The mobile wallet advised users to never share your MPIN or OTP, be cautious with QR codes by avoiding scanning QR codes sent via random messages, emails, or social media posts, and verify legitimacy of the merchant by checking the merchant name and transaction details before confirming payment via QRPh.

Users were also advised to avoid sending funds to personal accounts as legitimate merchants should not require transfers to personal wallets for payments.

GCash urged the public to report suspicious activity through its Help Center (2882), call the CICC hotline (1326), or report it to the PNP Anti-Cybercrime Group (02) 8723-0401 (loc 7491). — JMA, GMA Integrated News