Mobile phone scams
Social engineering scams
Three popular types of social engineering scams are phishing (email), vishing (voice calls) and smishing (text messages).
A social engineering scam gets people to perform specific actions or divulge confidential information through psychological manipulation. It can be done on the Internet, over the telephone or in person. Once the scammer obtains the desired information, it can be used for identity theft, industrial espionage and other criminal activities, or simply to disrupt the normal course of business.
Phishing is a form of fraud that uses email messages with phony addresses, websites or pop-up windows to gather your personal information, which can then be used for identity theft.
A scammer might send an email asking you to update your Bell billing details to keep your account active. The email will ask you to click on a link taking you to a website that looks like Bell’s, where you’ll be asked for your login and account details. Alternately, the email may say you have a problem and need to click on or open an attachment to solve it. But if you click on it, you could install something damaging to your device, or trigger your device to send your personal information to the phisher.
Phishing can also be in the form of emails offering money for work-at-home jobs, or asking for help with frozen bank accounts, or offering discounted pharmaceuticals, trips, etc.
With vishing (voice phishing), the scammer will attempt to gather your personal or financial information over the phone instead of by email. A scammer might call to sell you new rate plans (which are phony), ask you to complete a survey, promise you an incentive or tell you that they’re updating your account and want you to “confirm” details.
As another example, a pre-recorded message promises you travel rewards or a $100 credit on your next bill and directs you to a fake site that “looks” legitimate or to a 1 800 number.
The goal is to trick you into releasing passwords, PINs, banking or credit card details which can then be used for fraud.
Smishing (SMS phishing) uses text messaging to gather personal or financial information that can be used for identity theft.
A scammer might send you a text message asking you to visit a specific website or to call a number. At this point, you would be asked to provide sensitive information, such as credit card number, to access an account or for “security reasons”. The message usually demands your immediate attention.
Here are some examples:
- "We confirm that you have signed up for our dating service. You will be charged $2 a day unless you cancel your order on this URL: [URL]".
- "(Name of popular online bank) confirms that you have purchased a computer from (name of popular computer company). Visit [URL] if you did not make this online purchase"
- "(Name of a financial institution): Your account has been suspended. Call 235.654.6969 immediately to reactivate"
The URL provided will likely bring you to a credible-looking website that will ask for personal information to continue.
How do I know if communications I receive are really from Bell?
Bell communicates with customers regularly, and we have rules about requesting personal information as well as what we include in our communications.
Communications to our customers will never:
- Request personal information, such as passwords, PIN numbers, banking or credit card information (unless we are responding to an initial telephone inquiry made by you).
- Include links to virus removal tools. Instead we will direct you to support.bell.ca/Internet
- Include executable (.exe) file attachments (programs).
If you have any doubt or concern about a communication you receive from us, please contact Bell customer service.
How to protect yourself
- Be realistic; if it seems to be too good to be true, it probably is.
- Don’t respond to requests for personal information such as your bank account number in an email.
- Be wary of alarmist, seemingly urgent messages, slightly altered web or email addresses and emails with spelling and grammar mistakes.
- Don’t forward virus warnings that come with "send this to everyone you know" requests, even if they appear to come from a credible source. These messages are hoaxes, and if they include any links or attachments, they can be dangerous to yours and your friends’ computers.
- Be aware of the communication policies of the companies you use and what types of messages they will send.
How to report it
- If you think you’ve been a target of any type of phone or Internet fraud, you should call the Canadian Anti-Fraud Call Centre, at 1 888 495-8501 or visit Canadian Anti-Fraud Centre.
- If the phishing scam involves the false representation of Bell, email the situation to email@example.com
Malware programs are transmitted through the Internet and can be installed on your phone when you download certain apps or files, or if you visit certain websites.
Malware lets criminals access your phone to disrupt its operations or to change or steal data. Malware can be difficult to detect, as it generally doesn’t appear in the list of installed programs.
How to protect yourself
- Beware of email, text or Facebook messages containing shortened links or other attachments.
- Select apps that let you opt out of information sharing.
- Before downloading an app, do some research and see if it has been reviewed by a reputable source. Avoid the latest trend until it has been out long enough to earn the trust of reputable reviewers.
- Be aware that your phone will be more susceptible to malware if you jailbreak it (i.e., modify or override its operating system to remove restrictions).
How to report it
If you have been a victim of identity theft, you can visit the Canadian Anti-Fraud Centre or call them at 1 888 495-8501
Missed call/One ring scam
The missed call scam or one ring scam is a type of fraud where scammers call your phone and hang up quickly. Your phone registers a missed call from a number you don’t recognize. If you call the number to find out who called you, you may end up paying a premium rate for the call without warning. The same can be done using text messaging.
How to protect yourself
- Never reply to missed calls or text messages from numbers you do not recognize.
- Don’t call or send text messages to phone numbers beginning with 1 900 unless you are aware of the cost involved.
- Read the terms and conditions of all offers very carefully. Services offering free or very cheap products often have hidden costs.