Manila Bulletin – GCash purges 3,200 merchants linked to illegal gambling, scams

Published Mar 14, 2026 11:55 pm

Digital wallet giant GCash has blocked more than 3,200 merchants found to be linked to illicit activities, including illegal online gambling platforms, as part of its effort to bolster consumer protection.

In a statement, GCash said it has been coordinating with the Cybercrime Investigation and Coordinating Center (CICC) since last year to shut down these merchants’ access to the digital wallet.

By prohibiting their access to the digital wallet, this move prevents illegal operators from misusing the QRPh payment rail, which has been used to lure users to fake GCash payment pages.

Many of these illegal merchants employ deceptive tactics to mislead customers into sending payments to unauthorized accounts.

Among the most common schemes is QR masking, where seemingly legitimate QR codes redirect payments to a different account.

Scammers also create fake payment pages that imitate legitimate businesses, as well as pages designed to mimic the official GCash interface to deceive customers and collect unauthorized payments.

GCash said it does not partner with these illegal merchants and operators, noting that they are typically independent entities attempting to route transactions through legitimate digital services.

To enhance consumer protection, GCash deploys proactive monitoring to identify and disable these schemes, which are then reported to authorities and the CICC to support government enforcement efforts.

“Entities attempting to misuse the GCash payment app and QRPh without authorization or are masking QRPh leading to unauthorized transactions are flagged, suspended, and reported to the relevant authorities,” it said.

Currently, GCash has measures in place to detect unauthorized merchant activity before users are scammed, helping maintain service integrity.

Furthermore, it immediately disables links to fraudulent operations and reports suspicious transactions to the CICC and the Anti-Money Laundering Council (AMLC).

 “By proactively blocking unauthorized actors and reporting them to our regulators and authorities, we are helping protect Filipinos and maintain trust in the country’s digital financial ecosystem,” Miguel Geronilla, chief information and security officer of GCash.

As another layer of security, GCash said users should never share their mobile personal identification number (MPIN) or one-time password (OTP), as these details are not required.

Further, consumers should verify the merchant’s name and transaction details before confirming payment via QRPh. Such merchants should not require transfers to personal wallets for payments.

Users are also urged to avoid scanning QR codes sent via random messages, emails, or social media posts.