getting text messages from adult sites!

March2012

a friend has been getting this for a while . just managed to get the 3 network to reimburse him but it has started again. apparently they send you a text and just receivign it (not even opening the messages) one gets billed for it. my friend has been having conversations with 3 and they are never sorting it out or taking ages. this is now the 2nd time. would you change to another company??? or number though he prefers to keep his number? three is useful i think when going abroad? at the moment he has quite a high bill for this too? next step? thanks for any help

JJ_Egan

Move the number and its still on the !!!!!! guys database.

grumbler

Complain to phonepayplus: http://www.phonepayplus.org.uk/for-consumers/unexpected-phone-charge

Ask Three to block all premium content.

parttimeskint

Tell your friend to unsubscribe and stop downloading or watching !!!!!! on his phone.

Someone had to say it.

glennstar

Assuming he doesn't want PSMS services from any other source just ask Three to put a premium rate SMS bar on his phone.

P.S. I agree with parttimeskint!

Mr_Singleton

parttimeskint wrote: »

Tell your friend to unsubscribe and stop downloading or watching !!!!!! on his phone.

Someone had to say it.

Shouldn't that be..... "friend"

glennstar

Mr_Singleton wrote: »

Shouldn't that be..... "friend"

Ooooh! I see what you did there!

Martin50

Maybe, but I got unwanted popups from adult sites and these started to appear while I was checking train times: as far as I can tell I'd inadvertently tapped on an ad on a website and the ad had been compromised in some way. Vodafone did, at my request, block adult content on the web with the result instead of a pornographic site my phone started to load photos which, at first sight, looked like something advertising the spa in a moderately upmarket hotel...

In any case I did find myself signed up for a paid-for service that I knew nothing about (I've related the story in another thread here). Presumably part of the principle, exploited by the scammers who set these things up, is that if your phone starts displaying adult content while you're in a public place you'll just close the window and not look too closely at whether you are signing up for anything in the process. The adult pop-up that appeared on my phone did have a couple of tick-boxes saying 'do you want to download the videos' and there seemed to be no way of unticking the boxes.

Your network should be able to block any premium texts and extra paid-for services. This is clearly stipulated in the code of practice for premium services which the networks have signed up for. In my case I needed to get past various clueless people in customer services and in a Vodafone store before finding anybody who was able to put this into action. As others have said, this will also prevent you from using this approach for payment legitimately, but frankly if a payment system is so insecure that accidentally tapping on your phone could land you with a bill of £4.50 per week with no attempt being made to verify that you have authorised the payment then you are probably better off not using it.

glennstar

Martin50 wrote: »

Your network should be able to block any premium texts and extra paid-for services. This is clearly stipulated in the code of practice for premium services which the networks have signed up for. In my case I needed to get past various clueless people in customer services and in a Vodafone store before finding anybody who was able to put this into action. As others have said, this will also prevent you from using this approach for payment legitimately, but frankly if a payment system is so insecure that accidentally tapping on your phone could land you with a bill of £4.50 per week with no attempt being made to verify that you have authorised the payment then you are probably better off not using it.

Martin,
I don't mind admitting that I am thoroughly confused by your account of the incident as it doesn't match my understanding of how any of this works at all. You make reference to PSMS but the scenario describe resembles SIMPay in some way, especially if you did not enter your mobile number. Obviously they have no way of knowing what your number is unless you tell them and if they don't know your number they cant send you PSMS.
You say there were pop-ups while you were browsing the internet and also indicate that this is malicious in some way. Again this sounds a little confused to me. Maybe, if you require assistance or wish to help others avoid this similar trap it might be helpful to document the steps in an orderly manner, stating which site you were on or which app you were using, which device you are using (Android, iOS, Windows) and so on?

Martin50

My experience involved direct billing to the phone number, not PSMS. The original poster's friend seemed to have received unsolicited PSMS. Which is a different case, but my experience is relevant to that of the original poster because (1) I was able to pick up malware which directed me to a !!!!!! site without knowingly accessing any adult content (you'll need to take my word for this) and (2) it's possible to place bars on services which incur extra costs, but you might find somebody in a phone shop or on a customer services line who tells you otherwise.

I'll follow up with the story of my experience but it's long so I'll make it a separate post.

Martin50

OK - Glennstar asked about the whole experience that I referred to. Note that I already posted about this last year, so it's not news, and I'm not particularly looking for any resolution to my own case. But I do want to raise awareness and my personal view is that the way the telecoms industry handles this at present is deeply unsatisfactory. So here is the full account:

Last spring, my (then fairly new) Samsung Android smartphone started behaving oddly. More specifically, while I was trying to find details of train times to the west country, I found myself diverted to what would be technically described as an ‘adult’ website. Moreover it was a site which made it difficult to close the window or to navigate away from, which was a problem given that I really did need to find out those train times. Somewhat surprised by this, I looked around my operator’s support forum. I found lots of posts from people who wanted to reach adult content but couldn’t because the network had imposed a bar on them downloading such material. I was in the opposite position: the network was allowing me to download content only suitable for people of 18 or over – perhaps because it was nearly 18 years since I first used that network – but I needed to ask my network to bar this content.


Like a biological virus, this infection on my phone was able to mutate. Once my network operator had imposed a bar on adult content, the phone instead tried to load a less explicit version of the same material, which could best be described as looking like something out of the brochure for the spa attached to a reasonably nice hotel. It’s dispiriting to think that somebody who obviously has good programming skills has put their effort into this.
Still, this remained a minor irritation until a few months later, when I was sent a text message thanking me for signing up to some service, and telling me that I was to be charged £4.50 a week for the privilege. Again I thought little of it – until I looked at my mobile bill and found that I had indeed been charged £4.50 per week for a few weeks.


The official line is that this is an opt-in service and I must have clicked a button, after reviewing the terms and conditions, to approve it before being signed up. I didn’t consciously do any such thing and the most likely culprit is the pop-up adult website. By jabbing at the screen to make the unwelcome window go away, I could unwittingly have agreed to something that I didn’t want.


In fact it’s not difficult to disguise a sign-up screen within a web page or an app. You could make the terms and conditions so small as to be invisible, or put them on the edge of a screen so they can’t normally be seen. You could disguise the sign-up button under something else. You could, as the creator of the malware on my phone seemed to have done, put a tiny tick box against the question ‘do you want to download the videos’ with no apparent way of clearing the tick box or replying ‘no’ to the question.


There is also an element of taking advantage of human behaviour. If you’re a middle-aged man looking for a seat on a crowded train, and discover to your horror that your phone is displaying a picture from an adult website, you probably aren’t going to zoom in and carefully check whether there’s a set of terms and conditions in minuscule lettering somewhere in the corner.


The intriguing thing is why the creator of the bug would want me to sign up for this service. The most likely explanation is either that he had enrolled in a scheme where he got commission to send people to the service, or he was using it to host videos which he wanted people to download.


So, why is there an issue? Payforit, which is the intermediary owned by the mobile networks that can put this kind of charges through, includes among the frequently asked questions on its website ‘is Payforit a scam?’ They are right – it’s not a scam in itself – but there are interesting questions about why it’s a popular channel for scammers to use and why it is perceived as being a scam. Especially because it is positioned as a trusted intermediary.


First of all the arrangements to stop unwanted payments, by responding to a text, depend on you receiving a text. They also depend on you knowing that you shouldn’t reply to the message saying ‘you have been awarded £2517 in damages – send STOP to stop further messages’ but you should reply to the message saying ‘you have been signed up to a service for £5 per week – send STOP to leave the service’. Got that? Then try explaining it to my elderly father who struggles with understanding what a text message is. The code of practice on billing from the mobile broadband group undertakes to offer customers ‘certainty and control’ over premium rate services. I appreciate that the code of practice is voluntary and I don’t know how this wording would stand up in a court of law, but a text message that looks like spam and requires the customer to take action to avoid being paid isn’t what I would understand by certainty and control.


Second, if Payforit is to have any credibility as a trusted intermediary then it needs to offer some assurance that the funds it handles don’t get syphoned away by scammers. That means recognising that the scammers might be several removes away from them but they still need to ensure that they are in the chain, so they only do business with honest businesses. Somewhere along the chain, one of the participants needs to avoid dealing directly with businesses which are compromised in some way. It’s an analogous situation to Spam emails, where mail servers that are compromised and can be used to send Spam are blacklisted and other mail servers won’t deal with them. Whether the pressure to do this comes from legislation, from a regulator, or from consumer pressure I think some similar approach is needed to deal with illicit payments.


Third, the system as it stands is biased against consumers. If you do lose money through somebody using the service unscrupulously then it’s difficult to establish who to pursue for recompense, and it may well be an organisation with which, as a consumer, you have no business relationship. So there’s very little incentive for any of the businesses involved to change it.