Captain Jack Sparrow
I've already posted this on a BlackBerry specific forum. I can't link it as per forum rules, but if this saves even one person from getting scammed, then it was worth re-posting here.
Firstly, to be clear, this can affect any mobile data 3G/4G web browsing on any type of device. In this case, it happened to me on a BlackBerry Z10. It also has previously happened to me on an iPhone 4S. As far as I know, this does NOT affect browsing over Wi-Fi unless you're using a "Personal hotspot".
This is going to be a long post, so please read this carefully.
The scam works as follows:
A webpage which has ads inserted via an ad network could forcibly redirect to a webpage which immediately charges directly to your phone bill or debits your credit. Granted, most web ads and popups are harmless, but this kind of thing shouldn't be allowed to happen.
This scam is operated by the "big 4" UK networks: EE, Vodafone, O2 and Three. It is facilitated by a backend service called "PayForIt" (external link) which can charge directly to a user's phone bill or credit without any type of authorization.
When using PayForIt, a clear webpage should be shown informing the user that proceeding will result in a charge to their phone bill. This should also clearly show the amount which will be charged. Scammers take advantage of this system by disguising the proceed button as another element such as an invisible button covering the whole page, so that clicking or tapping anywhere will result in a charge being made. All they have to do now is simply hide the PayForIt confirmation elements behind other webpage elements, so that they aren't visible.
However, as of recent, it seems that the crooks are now including JavaScript code which will automatically simulate the victim clicking or tapping on the proceed button without any user intervention, causing victims to get charged, simply for landing on a maliciously crafted webpage. This usually happens on a Friday night, and I'll explain why later.
I have been duped by this scam. It has happened before, but that was only a one-off charge so I let it slide. I called my operator, and requested that a £0.00 spending limit be placed on my account in the hopes of preventing this from happening again. They confirmed that this has been successfully applied, and will be effective immediately. But this didn't seem to mean anything, because it happened again anyway, completely bypassing the £0.00 spending limit on my account. Only this time, I have been forcibly subscribed to a £4.50 per week service without my consent.
Now I know that posting phone numbers is normally against the rules, but this is a company contact number, and I hope you'll grant me a one-time exception so that I can name and shame the poor excuse of a company "TapVids" as well as my operator, Three.
The second screenshot shows that a £4.50 charge has indeed been made to my phone bill. And of course, when attempting to send STOP to 64055, I get "Unidentified subscriber". Did you really think it would be that easy?!
My first step is to halt Three's Direct Debit on my account. This will be effective on Monday. I will not pay any further bills until this matter is resolved to my satisfaction.
My next step is to contact the number shown on the text. The reason this usually happens on a Friday night is because their "customer services", as well as your operator's customer services, are typically closed until Monday. This means that they can bill you AGAIN for next week before you have a chance to dispute it! Therefore, it results in each poor sucker getting billed a minimum of £9. I'll have to wait until Monday before calling that number and demanding a refund.
If I am unable to get a refund from this service, then I will inform my operator, and demand a refund from them. If I am still unable to get a refund from them, then I will tell them that I am leaving them at the end of the month (no contract) and will not be paying the final bill until this matter is resolved.
Finally, as a last resort, I will register a complaint to PhonepayPlus (external link), and prepare to take both Three and TapVids to the small claims court.
I'll probably register a complaint about TapVids to PhonepayPlus anyway purely for abusing the (let's face it, horrifically flawed) PayForIt system.
I checked out the shortcode number on PhonepayPlus.
Notice how this service has only been active for less than a month. Are these kinds of services set up and operated until PhonepayPlus closes them down (which probably doesn't take very long), and then a fresh one is set up? Additionally, it states that the service is currently operating.
Why doesn't the STOP shortcode work then?
This is so out of order. If I went to a supermarket, bought my goods and paid, then noticed items on the receipt which I had not bought, but still had paid for, I'd dispute it immediately and would most likely get a refund. Here, they're not making it easy.
----- THE NEXT DAY -----
People think I'm visiting "shady websites". What exactly constitutes a shady site? The website I was visiting was a technology news blog which I frequently visit on my PC (although we have a commercial web filtering proxy which is very good at blocking adverts). Again, I can't link the website in question as per forum rules.
On my BlackBerry, I scroll down the page, suddenly an advert fills the page and opens 3 additional popup windows. I quickly close them all, and 5 minutes later, I receive the text message shown at the top of this thread.
I've now installed the latest Firefox APK directly from Firefox, which seems to work, but does not run very well on my BlackBerry. I also installed the AdBlockPlus extension along with it. Hopefully this will reduce the chances of it happening again.
I called Three's customer services. They tried everything they could to get the charges cancelled, but were unable to do so. I have now given 30 days notice to terminate my plan with them. They were not happy about this, and offered to change my phone number. While this would stop any further charges from this specific service, it'll probably still happen again, but with a different fraudulent service. With this in mind, I declined and asked to leave them. I also requested to initiate a formal complaint against them.
I will be calling TapVids on Monday in a three-way call with Three to demand a refund from them. Failing that, I will immediately terminate my operator's direct debit on my account, and only pay the final bill amount excluding the fraudulent charges. They can chase me for £4.50 - £9 if they like. They're not getting it.
Regardless of the outcome, I will also raise a formal complaint with PhonepayPlus, the regulator of UK premium phone services, and inform them that TapVids are abusing the PayForIt system.
My last resort is legal action against TapVids for billing me for a service which I didn't want, nor ask for, and also against Three for not providing adequate safeguards to stop this from happening, despite claiming that they would do so.
If anybody else here has been caught by this, please - DO NOT SUFFER IN SILENCE, fight these crooks, as well as your operator and share your experiences here.
- Capt. Jack Sparrow.
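The two tricks described in the post above (a proceed button that is hidden or stretched over the whole page, and a script that clicks it for the user) can both be checked for on a billing confirmation page. The following is an added example, not part of the original post and not PayForIt's code; `evaluateConsent`, the `view` fields and the thresholds are assumptions made for illustration:

```javascript
// Added example: consent gate for a carrier-billing "proceed" button.
// evaluateConsent, MIN_DWELL_MS, MAX_AREA_RATIO and the view fields are
// hypothetical names; thresholds are assumed values, not from any standard.
const MIN_DWELL_MS = 1500;   // price must be on screen this long before a tap counts
const MAX_AREA_RATIO = 0.5;  // a button covering over half the viewport is suspect

// event: the click event received by the button.
// view:  facts gathered at click time. In a browser these come from
//        getComputedStyle(), getBoundingClientRect() and
//        document.elementFromPoint() at the click coordinates.
function evaluateConsent(event, view) {
  const reasons = [];
  // isTrusted is false for element.click() and dispatchEvent() calls.
  if (event.isTrusted !== true) reasons.push("synthetic-click");
  if (view.msSinceShown < MIN_DWELL_MS) reasons.push("too-fast");
  if (view.opacity < 1 || view.visibility !== "visible") reasons.push("button-hidden");
  if (view.buttonArea / view.viewportArea > MAX_AREA_RATIO) reasons.push("button-covers-page");
  if (!view.topElementIsButton) reasons.push("button-occluded");
  if (!view.priceTextVisible) reasons.push("price-not-shown");
  return { accepted: reasons.length === 0, reasons };
}

// Constructed sample: a normally rendered confirmation page.
const honestView = {
  msSinceShown: 4200, opacity: 1, visibility: "visible",
  buttonArea: 120 * 44, viewportArea: 360 * 640,
  topElementIsButton: true, priceTextVisible: true,
};

// Constructed sample: transparent full-page button, price covered by an ad.
const disguisedView = {
  msSinceShown: 30, opacity: 0, visibility: "visible",
  buttonArea: 360 * 640, viewportArea: 360 * 640,
  topElementIsButton: true, priceTextVisible: false,
};

// A script-generated click, captured the way a handler would see it.
function scriptedClick() {
  const target = new EventTarget();
  let seen = null;
  target.addEventListener("click", (e) => { seen = e; });
  target.dispatchEvent(new Event("click"));
  return seen;
}

const userTap = { isTrusted: true }; // stand-in for a real tap event
console.log(evaluateConsent(userTap, honestView));
console.log(evaluateConsent(scriptedClick(), disguisedView));
```

A gate like this only has value when it runs on the billing confirmation page itself, and the billing backend still has to refuse any charge whose confirmation did not pass it.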