Criminals, number spoofing
How difficult is it going to be to use this for fraud? It is already much too easy to social engineer a PAC out of some service providers in order to steal a number.
Fed up mobile customers can finally dump their providers by text from today, under new rules from Blighty's comms regulator, Ofcom. The body has also banned mobile providers from charging for notice periods running after the switch date, which it estimates will save consumers a total of £10m each year. Currently, folk wanting …
As I understand it, the PAC for the number making the request is sent by sms to the number that made the request. So to steal a number you would need physical access to the phone AND knowledge of the pin/password etc*. Surely that's an improvement over someone being able to sweet-talking a call centre operator to release a PAC for someone else's number
* except for anyone leaving their phone unlocked, but I hope people are a bit more clued-up these days and/or seduced by the 'futuristic' finger or face-unlock
I would imagine it will be much harder than just "number spoofing". Your network provider doesn't rely on just CLIP to verify your details, otherwise it would be simple to authenticate to a network and make calls on someone else's bill.
I would imagine that social engineering over the phone or chat would still be the easier route for Porting Fraud.
If the frauster already has access to the SIM SMS functionality (and can send and read messages), why would they need to steal the number? The device is already compromised.
Also the user would notice the phone go offline? There is a perhaps a fraud angle if a voice call is somehow useful but it has to be worth the risk of this method which would allow the user to notice.
There are easier ways to number spoof, transferring it is definitely more authentic but also more traceable.
They might not want to steal your number.
But they might want to transfer you to a really really really expensive tariff at their custom MNVO.
(I've heard of landlords doing a similar thing to tenants with energy tariffs - signing the lease gives them the right to change your provider; and there are specialist not-very-cheap providers out there
for just this purpose. I shared an office a while back with someone sorting out this very problem).
Even if they didn't get payment info and couldn't charge you automatically, they could presumably generate a bill for services provided and try to enforce it by means of legal threats. Or call you and social engineer a "confirmation" of your payment details.
"But they might want to transfer you to a really really really expensive tariff at their custom MNVO"
Not going to happen. This type of fraud doesn't exist as it would be simple to detect, simple to shut down and simple to send the directors to prison. Way, way to complicated to set up for very limited potential gains.
The energy transfers issue is easier to do and it is the 'sales people' doing it to get commission.
Once again, in the route of GDPR you have a nice new avenue with massive fines that you can also pursue to deal with these issues.
"This type of fraud doesn't exist as it would be simple to detect, simple to shut down and simple to send the directors to prison."
You could say the same thing about nuisance callers and yet we see it happening. If there's a line of fraud available someone will think they're good enough to try it. Never underestimate the power of the Dunning Kruger effect.
No you can't say the same with nuisance callers.
That type of fraud does exist
The barrier to entry is very, very low
Anyone can do it and set it up in one afternoon
They are not simple to shut down as they may be from abroad
The directors may not be sent to prison as they will probably be abroad etc
To set up an MVNO you have to create an agreement with a network operator who has their own operating licence. There is then a major set up, with piggybacking on to their network, contracts put in place, credit checks done,the full autentication and complex systems put in place, billing an dcustomer service teams, etc etc
Really isn't the same as setting up a call centre.
With the energy company "arrangement" above, there was nothing necessarily wrong with the energy company. They were expensive, but not terrifyingly so. The trick seemed to be to encourage the landlord to put the necessary clause in the lease, then execute the switch, and hope the tenant didn't notice, care, or feel able to object. I presume any commission payments were all perfectly regular and above board, and any deceit, if deceit there was, was in the landlord sneaking the arrangement past the tenants on sign up, rather than the energy company breaking any operating rules.
It sounds like you need to change dentists! My dentist is a lovely young chap, with some very attractive young female dental assistants, who positively encourage me to make a regular 6 month check-up. I'd go more often but my health insurance and my wife might object...
No it's worse, Broadband providers do the metaphoric equivalent of pulling out all their teeth if the clueless customer uses the wrong terminology/wording.
Useless Ofcom (a lot of partisan ex-BT folk) have the figures/data for Openreach line cessations that result in a reconnection to the same customer, which indicates a "full tooth extraction" aka. ISP creates Openreach job ticket for "Line Cessation" for no reason, then fails to respond to requests to cancel it (assuming the customer even realises what's just being done to stop them leaving, within 24hrs the line is dead and their existing number). The customer can reconnect to the same ISP for free, but it's £60 to reconnect to a different one.
So much anti-competitive behaviour is hidden behind OR/BT's clunky switching systems that just don't work seamlessly. You could write a book on it.
(MPs, cross-examining those in the know during Parliament Select Committees never seem to have the technical knowledge/intelligence to asks the right questions).
From my PoV it's about a week too late. Not that it was particularly difficult. I was changing from a PAYG to a low data cap sub and the new provider's rates ran rings round his. He started to explain that they "used somebody else's network". I just pointed out I was in the industry more than 30 years ago so I understood all that; it cut him off sharply - I didn't even need to point out that his own in-house MNVO did exactly the same thing or that even back then I knew the people doing his exact job.
I wonder what the real retention rates are and whether they justify the costs of running that side of the call centre. Perhaps this will actually save the operators money.
Try and put me through any kind of customer retention, lose all possible goodwill that remains.
I'm leaving for a reason. Either you couldn't be bothered to offer me a better deal than the competition, or you deliberately didn't because you didn't want me have it. I don't deal on those terms.
Whatever you offer me *at that point* is a no. No. No. Not interested. No. Three tried this with me recently when I left for another provider because while they were putting up prices and not increasing allocated data, and also not informing me of better package they had themselves, their competitors were all giving more data for less money. Suddenly offering me the same deal I was on for "half price" doesn't make me happy... it pisses me off that I've already paid over the odds all that time. You could have done that *at any point*. You didn't. I'm not threatening to leave every six months in order to stay on the best deal... either give it to me, or suffer the loss of my custom when I find something else. Getting half the money out of me that you were is better than no money at all. Consider it a learning experience.
And the longer that "retention" process takes, the more annoyed I'll get. If it comes to it, I'll just do it by letter. I'm really not interested. This contract is cancelled, that was your notification, goodbye.
I didn't even need a PAC code, so I didn't care. The SIM was only used for Internet in a little 4G wifi router I use, and it really does not matter what the number is/was. The next SIM will work just as well on any number it's allocated.
It all comes back to: if you were loyal to your customers, they'd be loyal to you, and wouldn't have to go through forced customer retention after you've failed to deal with whatever the problem was.
The regulators are finally catching on - the utilities regulators are now saying "stop giving new customers better deals than existing ones". Mobile companies will have to follow suit. It's a ridiculous way to work. I instead choose companies who not only give me a good deal, but make my deal better all the time, and when I introduce a customer gives us both a bonus (i.e. I still haven't needed to pay for two months Internet/4G with the new provider yet because of referral bonuses). That's how you get new customers, and keep the old ones.
Pretty much, I wish all providers in all industries were like this. It shouldn't matter who actually pumps gas or electricity into my house, who supplies the broadband, my mobile SIM, or anything. I should be able to just switch electronically at the press of a button, no questions asked and nothing has to take place for it to all just move to the new provider.
There's also a reason that I use a 4G wifi router... broadband sucks in my area and I refuse to pay line rental which costs MORE than a full unlimited 4G connection, before I even start down the road of actually getting broadband (and getting rid of the bundled TV connection and phone line that I don't even want). They wanted £150 or more to actually "flick the switch" on an existing line, then line rental, then money on top for the rest of the services, plus an engineer visit meaning a day at home.
Paid £50. Got an unlocked 4G router. Put in a few PAYG SIMs from various companies and ended up on a Pay Monthly with Three until recently. Swapped it out for the new provider in 10 seconds, while both SIMs were still technically active and could be used (if there was something wrong and it didn't work). Cancelled Three. Told them to stick their post-customer special-offers. No, I have no use for the SIM anyway. No, I don't care that it's half-price. No, I'm not going to pay for it and then "give it to a friend" or "keep it as a backup". Get lost. I don't want it.
You had your chance, while I was a loyal, regular-paying, existing customer. You weren't interested. Game over.
Out of curiosity, what's the plan with "full unlimited 4G connection" that's cheaper than a line rental?
So-called "mobile broadband" is much more expensive. I'm guessing you might be on a phone contract where the Ts&Cs say you should only use it for the phone and not do tethering etc. But I suppose a VPN to stop them snooping on content and you might get away with it. Was going to say you should avoid iPlayer/Netflix too but given what teenagers are like that probably is normal 4G usage these days.
Edit: I'll answer my own question. Smarty currently offering £18.75/month. And allows tethering!!! I'm gobsmacked.
Try and put me through any kind of customer retention, lose all possible goodwill that remains.
The prices quoted here will make any Canadian weep with frustration. But more to the point, invariably the super-duper customer retention deal (or even new customer deal) invariably only lasts for X number of months, after which you go back to paying through the nose.
In any other industry this would be called "bait and switch."
Then again there's TV. We eventually dropped Netflix and tried out Amazon.ca Prime. This weekend we tried to watch a guilty pleasure, the new "Will and Grace." We were dumbfounded to find that as well as the $79 a year Amazon charge, we would also need to pay ANOTHER $12.99 a month for something called "Stack TV" which is basically a pared down version of what our cable TV operators are still flogging to the masses. Thankfully there's a one month trial, so we can binge watch the latest series and then cancel it.
Meanwhile our public libraries are getting hammered by price increases and tightened usage restrictions on the e-books that they offer.
The VPL says despite print and digital copies functioning in much the same way, allowing only a single user to read a book at one time and employing seven- or three-week loan periods, perpetual access ebooks can cost up to 300 per cent more. For instance, David Baldacci's The Fallen costs the VPL $22.80 for a physical copy, and $87 for a digital copy.
And of course, Microsoft is just nuking all e-books on a whim.
I honestly think that the whole digital media economy is on the edge of just collapsing into a pile of e-rubble, with most of us reverting to paper books, DVDs, and vinyl records.
After spending 45 mins on the phone trying to get a PAC code out of Vodafarce, this sounds like an excellent idea to me. In my case I had to threaten to call OFCOM before they finally caved in and gave me the PAC code. Even then they made me wait 8 mins for the code. Sometimes I am too nice for my own good, but after the poor service I'd had for the 2 years prior to that, I wouldn't have stayed with them if they'd offered unlimited minutes, texts, data and beer!
Biting the hand that feeds IT © 1998–2019