back to article Frustrated Brits can dump mobile providers by text as of today

Fed up mobile customers can finally dump their providers by text from today, under new rules from Blighty's comms regulator, Ofcom. The body has also banned mobile providers from charging for notice periods running after the switch date, which it estimates will save consumers a total of £10m each year. Currently, folk wanting …

  1. Benson's Cycle

    Criminals, number spoofing

    How difficult is it going to be to use this for fraud? It is already much too easy to social engineer a PAC out of some service providers in order to steal a number.

    1. Anonymous South African Coward Silver badge

      Re: Criminals, number spoofing

      Snap.

      Was about to say the same. Ne'er-do-wells will abuse this system.

      1. KittenHuffer

        Re: Criminals, number spoofing

        You've both already spoofed the comment I was planning to post!

        How is TheReg gonna stop this way in which comments can easily be spoofed?!?

    2. jmch Silver badge

      Re: Criminals, number spoofing

      As I understand it, the PAC for the number making the request is sent by sms to the number that made the request. So to steal a number you would need physical access to the phone AND knowledge of the pin/password etc*. Surely that's an improvement over someone being able to sweet-talking a call centre operator to release a PAC for someone else's number

      * except for anyone leaving their phone unlocked, but I hope people are a bit more clued-up these days and/or seduced by the 'futuristic' finger or face-unlock

      1. cbars

        Re: Criminals, number spoofing

        Yea, I think spoofing can be done outbound but not inbound unless you're also co-incidently using the same mobile phone mast as the victim. I am not an expert

        1. steelpillow Silver badge

          Re: Criminals, number spoofing

          With a minute's delay allowed, you cannot assume the mobile equipment will still be attached to the same cell/mast.

    3. Anonymous Coward
      Anonymous Coward

      Re: Criminals, number spoofing

      I would imagine it will be much harder than just "number spoofing". Your network provider doesn't rely on just CLIP to verify your details, otherwise it would be simple to authenticate to a network and make calls on someone else's bill.

      I would imagine that social engineering over the phone or chat would still be the easier route for Porting Fraud.

    4. Wellyboot Silver badge

      Re: Criminals, number spoofing

      Very is my first thought. Compromise phone, steal bank details, kill or steal the number to put owner into limbo.

      I can't see how a secure verification check could be added that wouldn't also be open to the same compromised application.

    5. Anonymous Coward
      Anonymous Coward

      Re: Criminals, number spoofing

      If the frauster already has access to the SIM SMS functionality (and can send and read messages), why would they need to steal the number? The device is already compromised.

      Also the user would notice the phone go offline? There is a perhaps a fraud angle if a voice call is somehow useful but it has to be worth the risk of this method which would allow the user to notice.

      There are easier ways to number spoof, transferring it is definitely more authentic but also more traceable.

      1. Anonymous Coward
        Anonymous Coward

        Re: why would they need to steal the number?

        They might not want to steal your number.

        But they might want to transfer you to a really really really expensive tariff at their custom MNVO.

        (I've heard of landlords doing a similar thing to tenants with energy tariffs - signing the lease gives them the right to change your provider; and there are specialist not-very-cheap providers out there

        for just this purpose. I shared an office a while back with someone sorting out this very problem).

        Even if they didn't get payment info and couldn't charge you automatically, they could presumably generate a bill for services provided and try to enforce it by means of legal threats. Or call you and social engineer a "confirmation" of your payment details.

        1. Anonymous Coward
          Anonymous Coward

          Re: why would they need to steal the number?

          "But they might want to transfer you to a really really really expensive tariff at their custom MNVO"

          Not going to happen. This type of fraud doesn't exist as it would be simple to detect, simple to shut down and simple to send the directors to prison. Way, way to complicated to set up for very limited potential gains.

          The energy transfers issue is easier to do and it is the 'sales people' doing it to get commission.

          Once again, in the route of GDPR you have a nice new avenue with massive fines that you can also pursue to deal with these issues.

          1. Doctor Syntax Silver badge

            Re: why would they need to steal the number?

            "This type of fraud doesn't exist as it would be simple to detect, simple to shut down and simple to send the directors to prison."

            You could say the same thing about nuisance callers and yet we see it happening. If there's a line of fraud available someone will think they're good enough to try it. Never underestimate the power of the Dunning Kruger effect.

            1. Anonymous Coward
              Anonymous Coward

              Re: why would they need to steal the number?

              No you can't say the same with nuisance callers.

              That type of fraud does exist

              The barrier to entry is very, very low

              Anyone can do it and set it up in one afternoon

              They are not simple to shut down as they may be from abroad

              The directors may not be sent to prison as they will probably be abroad etc

              To set up an MVNO you have to create an agreement with a network operator who has their own operating licence. There is then a major set up, with piggybacking on to their network, contracts put in place, credit checks done,the full autentication and complex systems put in place, billing an dcustomer service teams, etc etc

              Really isn't the same as setting up a call centre.

              1. Anonymous Coward
                Anonymous Coward

                Re: To set up an MVNO you have to

                With the energy company "arrangement" above, there was nothing necessarily wrong with the energy company. They were expensive, but not terrifyingly so. The trick seemed to be to encourage the landlord to put the necessary clause in the lease, then execute the switch, and hope the tenant didn't notice, care, or feel able to object. I presume any commission payments were all perfectly regular and above board, and any deceit, if deceit there was, was in the landlord sneaking the arrangement past the tenants on sign up, rather than the energy company breaking any operating rules.

                1. Anonymous Coward
                  Anonymous Coward

                  Re: To set up an MVNO you have to

                  That hasn't been allowed for some time. If the tenant is responsible for bills then they have the right to switch suppliers at any time.

                  Tenant Switching

      2. John Brown (no body) Silver badge

        Re: Criminals, number spoofing

        "If the frauster already has access to the SIM SMS functionality (and can send and read messages), why would they need to steal the number? The device is already compromised."

        Lots of Android apps demand SMS permissions to run.

        1. Anonymous Coward
          Anonymous Coward

          Re: Criminals, number spoofing

          "Lots of Android apps demand SMS permissions to run."

          No longer allowed on the play store.

          1. Anonymous Coward
            Anonymous Coward

            Re: Criminals, number spoofing

            Which is of course the only possible way of installing an Android app isn't.

            1. Anonymous Coward
              Anonymous Coward

              Re: Criminals, number spoofing

              Your sentence doesn't make sense, however if you choose to install an application from outside the Play Store I would hope that you would do sufficient due diligence to not install one that needs random permissions.

    6. steelpillow Silver badge

      Re: Criminals, number spoofing

      Not sure how you would monetise a change of provider, as it does not appear to set up the new payment deal.

      Would be useful as a DOS attack, though.

    7. Nick Kew Silver badge

      Re: Criminals, number spoofing

      Never mind criminals, what about pranksters? Kids? When one ten-year-old boasts of having done it to his parents, how long before the whole class have figured it out?

      1. John Brown (no body) Silver badge

        Re: Criminals, number spoofing

        Requesting a PAC code doesn't actually do anything until you contact your prospective new provider, sign up with them, get into a legal agreement and then give them the PAC so they can action the change.

        1. chroot
          Joke

          Re: Criminals, number spoofing

          They've thought of that and also introduced the STAC to terminate the contract. The article does not say if there are more steps.

          1. Nick Kew Silver badge

            Re: Criminals, number spoofing

            Kids tend to be very good at figuring that kind of thing out.

    8. PeterM42

      Re: Criminals, number spoofing

      Oh no you can't - I tried getting a PAC from EE - "We are busy upgrading our system"

      Phone 150 - "We cannot deal with your request".

  2. fedoraman
    Go

    How about for broadband providers?

    With BT having hiked their prices (again) - how about this for switching broadband providers?

    1. Zog_but_not_the_first Silver badge
      Thumb Up

      Re: How about for broadband providers?

      A million upvotes for this. Changing broadband providers is almost as dreadful an experience as buying trousers going to the dentist.

      1. lglethal Silver badge
        Trollface

        Re: How about for broadband providers?

        It sounds like you need to change dentists! My dentist is a lovely young chap, with some very attractive young female dental assistants, who positively encourage me to make a regular 6 month check-up. I'd go more often but my health insurance and my wife might object...

        1. Anonymous Cowpat

          Re: How about for broadband providers?

          >My dentist.....

          I'll pass if his name is Orin Scrivello D.D.S.

          1. Scott 53

            Re: How about for broadband providers?

            >I'll pass if his name is Orin Scrivello D.D.S.

            Or Dr. Christian Szell - "Is it safe?"

      2. Adam Jarvis

        Re: How about for broadband providers?

        No it's worse, Broadband providers do the metaphoric equivalent of pulling out all their teeth if the clueless customer uses the wrong terminology/wording.

        Useless Ofcom (a lot of partisan ex-BT folk) have the figures/data for Openreach line cessations that result in a reconnection to the same customer, which indicates a "full tooth extraction" aka. ISP creates Openreach job ticket for "Line Cessation" for no reason, then fails to respond to requests to cancel it (assuming the customer even realises what's just being done to stop them leaving, within 24hrs the line is dead and their existing number). The customer can reconnect to the same ISP for free, but it's £60 to reconnect to a different one.

        So much anti-competitive behaviour is hidden behind OR/BT's clunky switching systems that just don't work seamlessly. You could write a book on it.

        (MPs, cross-examining those in the know during Parliament Select Committees never seem to have the technical knowledge/intelligence to asks the right questions).

      3. Nifty

        Re: How about for broadband providers?

        Last week I tried to cancel Virgin Media broadband. Was told there's a 40 minute phone queue for the cancellations 'specialist'. When will OFCOM get around to this one?

    2. Anonymous Coward
      Anonymous Coward

      Re: How about for broadband providers?

      My provider, aaisp, have just reduced their prices!

  3. Doctor Syntax Silver badge

    From my PoV it's about a week too late. Not that it was particularly difficult. I was changing from a PAYG to a low data cap sub and the new provider's rates ran rings round his. He started to explain that they "used somebody else's network". I just pointed out I was in the industry more than 30 years ago so I understood all that; it cut him off sharply - I didn't even need to point out that his own in-house MNVO did exactly the same thing or that even back then I knew the people doing his exact job.

    I wonder what the real retention rates are and whether they justify the costs of running that side of the call centre. Perhaps this will actually save the operators money.

  4. Lee D Silver badge

    Try and put me through any kind of customer retention, lose all possible goodwill that remains.

    I'm leaving for a reason. Either you couldn't be bothered to offer me a better deal than the competition, or you deliberately didn't because you didn't want me have it. I don't deal on those terms.

    Whatever you offer me *at that point* is a no. No. No. Not interested. No. Three tried this with me recently when I left for another provider because while they were putting up prices and not increasing allocated data, and also not informing me of better package they had themselves, their competitors were all giving more data for less money. Suddenly offering me the same deal I was on for "half price" doesn't make me happy... it pisses me off that I've already paid over the odds all that time. You could have done that *at any point*. You didn't. I'm not threatening to leave every six months in order to stay on the best deal... either give it to me, or suffer the loss of my custom when I find something else. Getting half the money out of me that you were is better than no money at all. Consider it a learning experience.

    And the longer that "retention" process takes, the more annoyed I'll get. If it comes to it, I'll just do it by letter. I'm really not interested. This contract is cancelled, that was your notification, goodbye.

    I didn't even need a PAC code, so I didn't care. The SIM was only used for Internet in a little 4G wifi router I use, and it really does not matter what the number is/was. The next SIM will work just as well on any number it's allocated.

    It all comes back to: if you were loyal to your customers, they'd be loyal to you, and wouldn't have to go through forced customer retention after you've failed to deal with whatever the problem was.

    The regulators are finally catching on - the utilities regulators are now saying "stop giving new customers better deals than existing ones". Mobile companies will have to follow suit. It's a ridiculous way to work. I instead choose companies who not only give me a good deal, but make my deal better all the time, and when I introduce a customer gives us both a bonus (i.e. I still haven't needed to pay for two months Internet/4G with the new provider yet because of referral bonuses). That's how you get new customers, and keep the old ones.

    Pretty much, I wish all providers in all industries were like this. It shouldn't matter who actually pumps gas or electricity into my house, who supplies the broadband, my mobile SIM, or anything. I should be able to just switch electronically at the press of a button, no questions asked and nothing has to take place for it to all just move to the new provider.

    There's also a reason that I use a 4G wifi router... broadband sucks in my area and I refuse to pay line rental which costs MORE than a full unlimited 4G connection, before I even start down the road of actually getting broadband (and getting rid of the bundled TV connection and phone line that I don't even want). They wanted £150 or more to actually "flick the switch" on an existing line, then line rental, then money on top for the rest of the services, plus an engineer visit meaning a day at home.

    Paid £50. Got an unlocked 4G router. Put in a few PAYG SIMs from various companies and ended up on a Pay Monthly with Three until recently. Swapped it out for the new provider in 10 seconds, while both SIMs were still technically active and could be used (if there was something wrong and it didn't work). Cancelled Three. Told them to stick their post-customer special-offers. No, I have no use for the SIM anyway. No, I don't care that it's half-price. No, I'm not going to pay for it and then "give it to a friend" or "keep it as a backup". Get lost. I don't want it.

    You had your chance, while I was a loyal, regular-paying, existing customer. You weren't interested. Game over.

    1. Graham 32

      Out of curiosity, what's the plan with "full unlimited 4G connection" that's cheaper than a line rental?

      So-called "mobile broadband" is much more expensive. I'm guessing you might be on a phone contract where the Ts&Cs say you should only use it for the phone and not do tethering etc. But I suppose a VPN to stop them snooping on content and you might get away with it. Was going to say you should avoid iPlayer/Netflix too but given what teenagers are like that probably is normal 4G usage these days.

      Edit: I'll answer my own question. Smarty currently offering £18.75/month. And allows tethering!!! I'm gobsmacked.

    2. Barry Rueger

      Meanwhile in the Colonies...

      Try and put me through any kind of customer retention, lose all possible goodwill that remains.

      The prices quoted here will make any Canadian weep with frustration. But more to the point, invariably the super-duper customer retention deal (or even new customer deal) invariably only lasts for X number of months, after which you go back to paying through the nose.

      In any other industry this would be called "bait and switch."

      Then again there's TV. We eventually dropped Netflix and tried out Amazon.ca Prime. This weekend we tried to watch a guilty pleasure, the new "Will and Grace." We were dumbfounded to find that as well as the $79 a year Amazon charge, we would also need to pay ANOTHER $12.99 a month for something called "Stack TV" which is basically a pared down version of what our cable TV operators are still flogging to the masses. Thankfully there's a one month trial, so we can binge watch the latest series and then cancel it.

      Meanwhile our public libraries are getting hammered by price increases and tightened usage restrictions on the e-books that they offer.

      The VPL says despite print and digital copies functioning in much the same way, allowing only a single user to read a book at one time and employing seven- or three-week loan periods, perpetual access ebooks can cost up to 300 per cent more. For instance, David Baldacci's The Fallen costs the VPL $22.80 for a physical copy, and $87 for a digital copy.

      And of course, Microsoft is just nuking all e-books on a whim.

      I honestly think that the whole digital media economy is on the edge of just collapsing into a pile of e-rubble, with most of us reverting to paper books, DVDs, and vinyl records.

  5. Big_Boomer Bronze badge

    After spending 45 mins on the phone trying to get a PAC code out of Vodafarce, this sounds like an excellent idea to me. In my case I had to threaten to call OFCOM before they finally caved in and gave me the PAC code. Even then they made me wait 8 mins for the code. Sometimes I am too nice for my own good, but after the poor service I'd had for the 2 years prior to that, I wouldn't have stayed with them if they'd offered unlimited minutes, texts, data and beer!

  6. Maryland, USA

    In the days if dial-up, anyone trying to divorce from America Online (AOL) was put through the wringer. I suucceded painlessly, using this approach:

    AOL: How may I help you today?

    Me: By closing my account without asking why or trying to change my mind.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019