Types of fraud using MTS numbers

This story can happen to anyone. And perhaps it has already happened to you. Today we will talk about suspicious manipulations in the work of telecom operators, which may fall under Article 159 of the Criminal Code of the Russian Federation. A Telecom Times reader told the editors about suspicions of MTS fraud.

As you know, in Russia mobile communications are one of the cheapest in the world. Over the past 10 years, the cost of mobile communications has been steadily declining. However, over the past year the trend has changed. Including due to additional costs that the state shifted to telecom operators. For example, due to Yarovaya’s law on storing user traffic.

There is an opinion that the state has tacitly allowed operators to raise prices and increase revenue in any way possible. One of these methods is subscriptions to content services and “billing errors.” The story of subscriptions is familiar to many - the methods of protection and counteraction are known. But today we will look at how to deal with the outright theft of money for services not provided.

Fraudulent schemes of telecom operators?

As an example, we will not use an abstract situation, but a very real incident that happened to an MTS subscriber with almost 20 years of experience. A reader sent his story to Telecom Times. Since the MTS telecom operator did not respond properly to this situation, we consider it correct to publicly describe the operator’s attitude and warn other MTS subscribers about possible similar manipulations against them.

Everyone remembers the story with “smart” gates that subscribed to paid services via an MTS SIM card. Today, it turns out, MTS SIM cards can also move in time and space. Just some kind of time machine.

How to understand that you have been deceived?

We recommend not to share this code with third parties, even if you think that they are MTS employees.

If, after receiving the message and the attacker calls, the code from the SMS is called, then money will begin to be debited from the mobile phone account. In this case, the write-off amounts will be chaotic, and the transfer statement will show successful and unsuccessful attempts to transfer funds.

A typical statement if you have become a victim of a scammer.

Outgoing calls from a switched off phone

Photo: Firestock.
One day, an MTS subscriber went to detail expenses and found three paid outgoing calls. The SIM card always lies in one place in the switched off phone, all calls of the subscriber are redirected to another phone number. Unconditional forwarding involves deducting minutes from the package for each forwarded call. However, the details clearly showed that there were three paid outgoing calls. Apparently the subscriber was calling somewhere.

The dialogue with a representative of the MTS call center can be summarized as follows. The subscriber is a VIP category client.

— Good afternoon, I have three paid calls with details that shouldn’t exist. Perhaps this is a mistake. Refund the money you wrote off. - Good afternoon. Yes, we see three toll calls. You were outside your home region. - How is this possible? The SIM card is in the switched off phone, all calls are in forwarding mode. There can be no toll calls in principle. - I do not know anything. Refunds are not possible. — There may have been an error in your billing. File a complaint, let your specialists check, apologize, correct the mistake and return the money. - I won’t make anything up. Go to the service office and write a statement there. — No, you are required to draw up an appeal at the subscriber’s request. (Then there is a tirade about what this operator is violating - the subscriber has been working in the telecommunications industry for a long time).

The girl was forced to capitulate under the pressure of clear violations on her part and file an appeal. Always ask to dictate the case number. Since the situation went beyond the standard response, the subscriber demanded an official response to this problem by email. Among other things, he demanded to check the correctness of the work of the call center operator for refusing to draw up an appeal.

Since the MTS company prohibits recording conversations with its operators (when communicating with a 0890 number, you cannot connect a third line in conference call mode for recording), the MTS company has an accurate recording of the dialogue.

Where to turn if an MTS subscriber becomes a victim of scammers

If you do become a victim of criminals, then in this case you should immediately contact the contact center, where you will need to describe the situation in detail by calling 0890 (from MTS number), 8 800 250 0890 - from any other phone. The information will immediately go to the security service, which will begin checking.

You can contact any communication center with your problem, which they will definitely help you sort out.

System failure or “manual” billing?

But let's try to dig further. In fact, MTS admitted a failure in billing. After the client contacts. It’s worth saying a few words about what billing is. This is a certified software package that automatically keeps records of services provided and their cost. Certified and automated. Manual intervention should be eliminated - all calculations are carried out automatically.

This suggests a conclusion: if a failure occurred, as MTS admitted, it means that it was either a global failure that affected other MTS subscribers. In this situation, MTS must conduct an internal investigation and return the illegally written off money to all subscribers affected by the problem. And the most important thing is to inform subscribers about this.

Or MTS has a “manual” billing management mode, when 20-30 rubles are seemingly accidentally debited from the subscriber’s account. Is this an MTS scam? And there is a possibility that they will remain invisible in the overall large mass of subscribers’ communications expenses. If you multiply this amount by the size of the subscriber base (several tens of millions of subscribers), the amount turns out to be rather large.

How scammers could steal money

• In such schemes, attackers can first call the call center of the telecom operator and ask to temporarily block the number (any operator has this option, for example, in case of phone theft) - to do this, you need to know the victim’s passport details, explains an employee of one of the telecom operators. Then the fraudster, who knew the passport details, could call the bank’s call center and ask to link a different phone number instead of the previous one. This would allow him to gain full access to one-time SMS passwords that are sent to the linked phone number to confirm the operation.
• An RBC correspondent contacted the call center of MTS Bank with a question about how to change the number associated with the account. The call center operator replied that now this can only be done by visiting the branch in person, although a couple of days ago it was still possible to change the number through the call center, knowing only your passport details and code word. The press service of RBC Bank explained that the number can only be changed in an MTS salon, a bank branch or at an ATM.
• If fraudsters were able to gain access to a phone number, and then a bank account, knowing passport data and a code word, then a leak of personal data of MTS Bank clients could occur, says DeviceLock founder and technical director Ashot Oganesyan: “It could have fallen into the hands of fraudsters as a complete database with passport data and code word, or simply with the full name of clients and their account balances. In the second case, the attackers could select clients with the largest amounts in their accounts and order their data from the operator and the bank. The cost of such a service in banks can reach 15 thousand rubles. For mobile operators, “punching” numbers costs from 800 rubles. up to 4.5 thousand rubles, number blocking - from 3.5 thousand rubles. and higher (follows from advertisements posted on the darknet. - RBC)."
• Only bank employees with a certain level of access can take possession of the code word, continues Ilya Tikhonov, head of the Compliance and Audit departments of the security department of the Softline group of companies. “I can assume that in this situation there was either an insider (a special person at the bank provides - RBC) or a well-organized targeted attack on the servers of the bank itself.” A banal leak of personal data would definitely not give criminals the opportunity to organize such a scheme for theft of funds, since both passport data and a code word are usually not stored in one database, Tikhonov notes. According to the expert, blocking the phone number in this case was most likely necessary to prevent potential victims from receiving a notification about a change in the data linked to the account.
• The forced change of passwords by the bank (MTS Bank carried out this at the end of May) may indicate increased security measures if customer credentials are suspected of being compromised, so that attackers would not be able to use them and, for example, log into the user’s personal account, says the head of the web security analysis department -Positive Technologies applications Yaroslav Babin.

VTB warned about fraud through job advertisements Finance

MTS scam?

How can the actions of an operator be classified? There is a feeling that this may fall under Article 159 of the Criminal Code of the Russian Federation. Fraud. In this case, the telecom operator abused the subscriber's trust. The funds were written off without the subscriber's knowledge for supposedly provided communication services, which, in fact, were not provided. And punishment must follow in accordance with Art. 159. Part 1: “fraud, that is, the theft of someone else’s property or the acquisition of rights to someone else’s property by deception or abuse of trust, is punishable by a fine in the amount of up to one hundred twenty thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to one years, or compulsory labor for a term of up to three hundred sixty hours, or correctional labor for a term of up to one year, or restriction of freedom for a term of up to two years, or forced labor for a term of up to two years, or arrest for a term of up to four months, or imprisonment for a period of up to two years."

MTS easy payment scammers - who got it?

There is no need to be too upset if you fall for the bait of bandits. The main thing is to learn the right lesson from the situation. It will not be possible to get out absolutely without losses, but it is possible for everyone to return some of the money. Let's figure out how to do this correctly.

Check out the list of numbers that have been involved in service fraud:

• +79194601701.
• +79644541465.
• +79146701104.
• +79510077951.

There are many different forums on the Internet where users describe in detail how they were deceived. The presented resources are of specific benefit to many subscribers.

How to distribute Internet on MTS Unlimited effectively?

For a long time, specialists have been testing various methods that make it possible to change TTL, but practice has shown that not all of them are suitable for subscribers.

Basically, after restarting the device, the TTL value returns to its original value. Therefore, the priority task remains to find a method for recording the value. This will allow the method to be much more effective when working with the device, and the subscriber, in turn, will not have the need to return to this problem again and again.

How to distribute Internet traffic and not pay for it? Special applications TTL Editor, TTLFixer or TTL Master will help with this. Their advantage is ease of use and high efficiency of the work done. Their nuance is that after each restart of the device, the application program will need to be activated and the TTL updated.

To start using one of these applications, you just need to download and activate it.

Due to the simplicity of these actions, instructions are not needed.

How to distribute Wi-Fi from MTS Unlimited for free from various devices?

Distribution of MTS Unlimited Internet for free can be carried out through two main sources. This can be done both from a computer and from an Android mobile device. Each method has its own specifics, which will be discussed below.

The first method is suitable for those who find it easier and more accessible to operate from their own computer. At the initial stage, you will have to make a partial correction of the registration data.

• Sign in to the registry. In the menu, select the “Run” function, while simultaneously pressing win + r, writing “regedit” in the input field.
• Find the settings you need. They look like "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters".
• Go to the Parameters tab, where you will find the “Create” item.
• Select "DWORD" and assign the name "DefaultTTL".
• Place a check mark next to the decimal number system.
• Set TTL and set it to 65.
• Save the settings and reboot the system.

As it was before?

MTS subscribers traveling abroad and suddenly deciding to use roaming were faced with a complex set of tariff options. To MTS’s credit, they enabled the option for mobile Internet in roaming (450 rubles per day) by default, which immediately prevented the bill shock effect when, upon returning home, the subscriber received a bill for services of a couple of million rubles. But with calls everything was not so simple. You could save on incoming bills by connecting to “Zero Without Borders”. This option, for 95 rubles per day, made 10 minutes of incoming calls free and reduced the cost of outgoing calls using a complex formula: 1st minute at the standard roaming rate, from 2nd to 5th minutes for 25 rubles, remaining minutes - 60 rubles.

Difficult? Difficult. But at least it's relatively honest.

Bottom line

“Zabugorische” from MTS has nothing to do with the recent abolition of roaming in Europe, nor with the desire of the FAS to make roaming more accessible. This is an ordinary processing of tariff options, the purpose of which is to obtain figures for advertising. This option becomes truly profitable and useful when several factors coincide: a relatively wealthy subscriber travels to a relatively popular country and starts uploading photos to social networks, interspersed with long phone conversations. There are others like that. But the majority of those who connected “Smart Zabugorishche”, believing Nagiyev and Van Damme, will be severely disappointed.

Read the tariff descriptions. And then even MTS will not deceive you.

Bypass torrent restrictions

Almost every consumer of network resources knows what uTorrent is - it is a file-sharing application for downloading any files from the Internet. But the operator blocks the operation of this utility, namely, cuts the speed limit to a minimum. To avoid this, just set the necessary parameters in the program interface:

1. Launch the application on your desktop computer.
2. Go to the settings section on the top panel of the service.
3. In the window that appears, select “BitTorrent”.
4. Move the slider next to the encryption section to the active state. Initially it is disabled.
5. Uncheck the “UPD tracker” option.
6. Save the changes and reboot the system.

After successful setup, you can quietly and anonymously download files from the network space.

Adjusting TTL on a computer

The definition is written as Time to live. The main purpose of the function is to control the numerical information of transmitted packets via the device's IP address protocol. Any modern desktop computer has a fixed number, which is 128 units, and for mobile devices with an Android operating system - 64. After you start sharing mobile Internet, this figure will automatically decrease and be 63. During distribution, packets begin to be exchanged. This transformation is seen by the cellular provider, after which it sends a request to block the distribution of network traffic.

To avoid such a procedure, it is necessary to configure the personal computer and the distributing mobile device to do the required work separately. We fix TTL on a PC or laptop:

1. Start your PC and open the launch pad at the bottom of your account desktop or press the keys as in the picture below.
2. Enter the file name “regedit.exe” in the search line to go to the system registry editing menu.
3. A list of options will appear in the left pane of the window, select “HKEY-LOCAL-MACHINE”.
4. After this, sequentially go to the following sections - “System-CurrentControlSet-Services-Tcpip-Parameters”.
5. In the new menu, open the options tab on the top panel and click on the create button.
6. Install "Dword 32bit".
7. In the next window, fix one numeric value - 65 and give it a name - “Default”.
8. Be sure to save the changes and restart the operating system for the settings to take effect.

After this, when distributing network traffic, the operator will always see 64, not 63, and will not pause data transfer. The list of actions was described for the Windows operating system.

Attention! For different modifications of computer software, the location of the main elements may differ, but the principle of changing characteristics remains the same.