Now that the first victims of the Heartbleed web vulnerability…
Beware of mobile phone scams
Arriving at the Frankfurt airport late in the evening. The flight was almost on schedule so I have some 30 minutes left before the final leg to Helsinki. A nice opportunity to check my mail and the latest headlines. What a blessing with free WiFi on the airports! And Frankfurt is no exception; the “open network available” -indicator is on when I grab the phone. And there we have the welcome-screen that pops up in the browser. But wait a minute, this one looks different. “Please fill in your mobile phone number and select your country. We will send you an SMS with details about how to log into the wireless network.”
Stop! You should always stop and think when an unknown website asks for your mobile phone number (well, actually when asked for any kind of personal information). Knowing your number is the key prerequisite for someone who want to scam you with premium rate text messages. Ask yourself the following questions when you encounter a page like this:
- In what way do I benefit from giving my phone number to this organization? Do they have a valid reason to reach me by phone?
- Do I know this organization and is it trustworthy? Do I even know what organization I am dealing with?
- Am I accepting legal terms when submitting my number? Have I read them and did I understand them?
- Do I need to participate at all? Can I live without the opportunity to win an iPod, or whatever they offer me?
Most people already know that one should be careful when entering mail addresses at fishy websites. Your junk mail folder may start to fill up much faster than before. But what about your mobile phone number? It’s easy to forget that the mobile number is a key to a billing system. It can be a lot more harmful if it gets in the wrong hands. You may get an unpleasant surprise in the next phone bill.
How does the scam work? Someone puts up a web page where you can sign up for anything that sounds interesting. A lottery is a typical example. Your phone number is required as part of your personal information. And you are of course keen to get it right as you want to make sure they can reach you if you win. There’s also the usual checkbox indicating that you accept the terms, but who cares about those legal details?
Well, you should care. Somewhere deep down in the terms there is a paragraph where you agree to receive informational text messages, or whatever they are called, for a price that can be several Euros each. Yes, that’s right. The billing system of our mobile phones supports messages that are paid by the recipient. This scheme is not even illegal as you have agreed to receive them. And needless to say, the sender is impossible to reach if you change your mind and want to terminate the agreement.
You should leave out your phone number or steer clear of the site if you have any doubts about it. If the organization isn’t trusted, but you still feel that you really have to participate, get familiar with the legal terms. Yes, I really mean reading them!
Another variant of the scam is to send you an unexpected text message that invites you to a quiz, a lottery or something else. Responding to the message means in practice that you sign up to the scam.
So what about Frankfurt? Well, the page asking for my phone number was pretty nicely designed. It looked legit. But there was a legal document that users must accept. So I decided to not use the network. It’s much nicer to spend the remaining 20 minutes before departure reading a good book about sailing in the Mediterranean than reading legal terms.
PS. I’m of course not claiming that the Frankfurt network login is a scam. The point is that I can’t know for sure, and I don’t have to take the risk as the benefit I could have gained was very small.
Photo by whiteafrican @ Flickr