back to article You'll LITERALLY PAY for getting tricked into visiting these scam sites

Cyber-crooks have latched on to online scams that exploit direct-to-bill payment options. Security biz Malwarebytes warns that crooks are tricking users into visiting mobile sites containing code that charges users via their mobile number. Victims are corralled through a complex series of pop-up adverts to a fly-by-night web …

  1. Spindreams

    The mobile phone companies have no interest in stopping these scams as they make lots of money from them, I have had two mobile phones on tre.it (Three italia) where I have been charged for premium SMS content without ever subscribing to anything or visiting any websites etc (scammed out of about €200 of credit) You don't need to, they just pick your number randomly and subscribe you, it is then down to you to cancel the subscription if you happen to notice (they hide it well) it which will repeat every day or week if you don't. This sort of thing should be simply made illegal...

    1. Anonymous Coward
      Anonymous Coward

      >This sort of thing should be simply made illegal...

      It is in most of the developed world. Italy well ...

  2. Buzzword

    Opt-out

    It would be nice if the mobile operators gave us a way to opt-out of all such products. I have zero interest in paying for anything via my mobile bill.

    1. GrumpenKraut Silver badge

      Re: Opt-out

      Opt-out? Sure, that'll be 5 bucks per month.

    2. This post has been deleted by its author

    3. Graham Marsden
      Devil

      Re: Opt-out?

      ITYM we should have to *opt in* to even be able to have such things happen on *our* phones...

      "Do you want sites you visit with your mobile to be able to direct charges to your phone bill? [Y/N]"

  3. Shrub

    > advised users to take advantage of mobile ad-blocker software.

    There are not many options that I know for non-rooted phones. Ad block on Firefox on my mobile is the easiest thing I could find, ad blocks are not even on the Play store these days AFAIK which means users would have to install untrusted sources...

  4. John G Imrie Silver badge

    Nothing new under the sun

    Reminds me of the old dial up scam where the scamers would change the number of your ISP on your computer to a Premium Rate Number.

  5. adnim Silver badge
    Mushroom

    Rooted my Android

    What adverts?

    I do have some sympathy, but not much for those who buy a device that they do not actually control.

    Direct to bill payments shouldn't even exist.

    "Frauds along this line have been a constant source of complaints on forums and other sites for a number of years." So nothing new then, why is it still happening?

    "Payforit, an operator-run direct-to-bill payment service" Operator run?

    Why is the payforit website a .org?

    Ahhh..

    "Payforit is not a company. It is a set of mobile consumer experience flows and a trust mark. It is supported by the 4 UK Mobile Network Operators– Vodafone, O2, Three and EE"

    For fuck sake... Now you know why the operators do fuck all about it despite it going on for years

    1. asdf Silver badge

      Re: Rooted my Android

      >I do have some sympathy, but not much for those who buy a device that they do not actually control.

      Like virtually all the malware on iOS only working if you jailbreak your phone? Same for a lot of it (malware and vulnerabilities) on Android as well. You can beat adverts even with an unrooted phone by for example using privoxy on your router. I completely agree with you on the desktop and did root my backup Android phone that doesn't contain much personal or work data on it as the custom roms especially on older handsets are the only way to go.

    2. asdf Silver badge

      Re: Rooted my Android

      >Direct to bill payments shouldn't even exist.

      Except I would say to legitimate non profits as this one of the big ways at least in the US to get millennials to give to charity (hard to blame them considering how Boomers f__ked them but I digress).

  6. Boothy

    Cool off period

    Payment systems like these, and other similar type, aught to have a cool down period.

    User 'pays', and money is deducted from 'account' by the processing company. User gets notified.

    Money only transferred from processing company to service provider/scammer after x number of days.

    People report the scam to the processing company (perhaps via phone company), they investigate.

    If the complain is valid, the service provider refunds money, before it gets to the scammer.

    If the investigation shows the whole service is a scam, rather than just one or two user issues, then all payments made to it are automatically cancelled, and all details used by the service provider to create the account (their bank details etc). are passed to appropriate authorities.

    If the service providers don't agree to do this voluntarily, then bring in legislation.

    1. Loud Speaker

      Re: Cool off period

      then bring in legislation

      You will probably need to nuke from high orbit to be sure on this one.

  7. something_or_another

    It's called ......

    X-FRAME-OPTIONS: DENY

    Fire yet another lot of Shitty Devs!!!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019