SCAMMED: Third party charges on my bill

---

@XRaySpeX wrote:

---

@muggles708 wrote:

Since EE introduced a double opt-in for 'Payforit' subscriptions reports from EE have dried up.

---

That's for subs done via Payforit. I am sure there are other Premium Rate services that are not paid for via Payforit but directly. How are they protected & covered?

---

Things seem to have gone relatively quiet on the 'own portal' services also, so I am assuming that EE are requiring a double opt-in with PIN for those services also. Unless of course there is evidence to the contrary.

Because the double opt-in was not retrospective ( existing subscriptions were not affected) cases will continue to appear that predate the new rules ( introduced on 15th February this year).  I am interested in any bogus subscriptions after that date, any evidence that EE are not applying their new rules to own portal services, or any evidence that the new rules are not being effective.

@muggles708: You know you can also sign up for these Premium Rate services via TV (non-smart) by giving your mobile no. to pay to view TV content. No Internet is involved (can be done from a simple non-data phone); just the receipt of a reversed-charged text. How can double opt-in be done there?

You can still be charged for receiving premium sms messages. As far as I know, none of the networks can block these. A few years ago these were the main method of charging for scam subscriptions.

However, the networks now require the use of 'Payforit' for subscriptions where the user's phone number is obtained via the mobile data connection. So all the subscription scams highlighted on here and on Watchdog on Wednesday night are either 'Payforit' or 'own portal' where an individual network has an arrangement with the third party provider ( for example the services offered to EE customers by PMConnect).These can be stopped by a 'charge to bill' bar, now offered by most networks.

I have seen very few complaints about premium sms services as they are generally low value 'one off' transactions and aren't much use to the perpetrators of 'cramming fraud'.

If the other networks followed EE's example and introduced  double opt-in PIN system for all subscriptions these scams could be dramatically reduced.

---

@XRaySpeX wrote:

@muggles708: You know you can also sign up for these Premium Rate services via TV (non-smart) by giving your mobile no. to pay to view TV content. No Internet is involved (can be done from a simple non-data phone); just the receipt of a reversed-charged text. How can double opt-in be done there?

---

I don't think there is a problem with these services. If the consumer is forced to 'do something' in order to subscribe the risk of fraud is much reduced.

In this case though, surely a text message would be sent to the phone number, requiring a reply to confirm the subscription. Otherwise a consumer could charge TV content to someone else's phone.

That's fantastic news that EE's  opt-in PIN system seems to be working and I do hope it covers own portal too. Just a shame it took so long the happen and that it took a lot of persistance and effort to force this issue into sharp focus so the company couldn't ignore it any longer. I'd like to think that Watchdog will be the catalyst to force the other networks to follow EE example.

I never thought I'd say this ..but thank you EE for doing the right thing ... eventually.

and Chris_B & @XRaySpeX ... do you finally accept there may be click fraud going on and that maybe some if not most of the customers you patronised on this issue were actually victims of this fraud and should be owed an apology for your glib & dismissive attitude. 

Just as an aside my subscription occured at 3:30 am when  I was sleeping and my phone was inactive next to me... yet the company could show proof of my device / user agent that was correct and matched my phone. Maybe I was sleep browsing.

---

@moog wrote:

@XRaySpeX ... do you finally accept there may be click fraud going on and that maybe some if not most of the customers you patronised on this issue were actually victims of this fraud and should be owed an apology for your glib & dismissive attitude. 

---

I never said there no fraud was going on with these 3rd party charges. All I did continuously was advise users what they could do about it when it happened to them & what their rights were. If that is "patronising" then I should buy a new dictionary :(.

Yes you did, you blamed customers for clicking links without knowing, you constantly claimed EE had no responsibility in this and that that E had no realtionship with any of these 3rd parties ( not true for own portal). All you did was take the company line and fob everyone off to PPP/PSA. Oh and your manner was often hostile to anyone who dared persist in asking questions. 

For example,.. you don't need a dictionary, but you do need your memory checking... or do I need to repost your comments to help you remember.

@moog   @XRaySpeX

There has been  a lot of misinformation about these scams, some of it emanating from the MNO's and the regulator. Consumers don't realise how vulnerable they are to 'Payforit' fraud until it happens to them. All a fraudster needs to take your money is your phone number. Unlike a bank account number or a credit card number, the primary function of a phone number is for communications! So inevitably  a number of people have to know it, making it very insecure when used as the only authorisation for a payment.

It is clear that malware plays a part in the current spate of issues, which are not generally affecting EE subscribers due their extra layer of security.

I am currently looking at one case where the malware  appears to have been pre-installed on the phone prior to delivery. Even after returning it to factory settings it continues to try to sign the owner up to various 'payforit' services.

My wife and I are very canny when it comes to avoiding problems. We do always read the small print and check our bills! I was flabbergasted when my wife was scammed as I know she's very careful. In her case it was proven to be a fitness App which she downloaded from the Google Play store which silently signed her up to a subscription. She had no way of knowing this was happening until she got the text confirming the subscription.

I get angry when people say 'you must have done something to subscribe', but it is really down to ignorance rather than malice, and I might have said the same thing myself if it wasn't for personal experience.

Ultimately all we really want to do here is to help consumers avoid these scams and help them when they are unfortunate enough to be caught up in one.

---

@muggles708 wrote:

I get angry when people say 'you must have done something to subscribe', but it is really down to ignorance rather than malice, and I might have said the same thing myself if it wasn't for personal experience.

---

I think this is a reasonable point to make. In several of my dealings with people at Ofcom, Payforit and EE customer services the initial response has been incredulity because it is quite literally hard to believe that a system as insecure as this can have been put in place. The networks and the regulators appear to have dropped the ball, with everyone assuming that someone, somewhere along the way did the technical due diligence required for a system like this, and that any reports of fraud and scams were spurious.

It's just so much easier to believe a confident sounding corporate voice saying, "Believe me, we have processes and security and policy, and the most likely explanation is user error."