– Already today, we received several inquiries about bill fraud for customer service. People ask first and foremost if the email is legitimate, and some call to report the scam. Then there are also the few who say they went for the scam, Telenor’s senior security adviser, Thorbjørn Busch, tells ABC News.
The emails have been sent out in recent weeks and pretend to be from Telenor.
You are asked to apply for a refund
“Hello, dear customer, we are notifying you in writing during the payment of the June 2021 invoice. A technical error occurred during the payment process from our servers. Therefore, we invite you to request a refund by filling out a refund form request.”
The email contains the Telenor logo and contains a link to a website where you can log in to be able to “apply for a refund”. There are criminals behind the fraud attempt. The goal is for the user to click on the link.
Foreign supporters may be behind this attack. The language of the email supports this suspicion. The security expert says there are many testimonials that the text has been translated via Google Translate or its equivalent.
He says criminals are deliberately using social manipulation.
Scammers are betting that the recipient is blindly looking at the content and shying away from emotions. So a few typos quickly become insignificant when you’re feeling stressed and pressed for time.
He points out that criminals are deliberately giving you too little leeway to act, often with the fear that you will prevent the subscription from being closed or that you will get paid for good if you respond quickly enough.
Cunning scammers like to send such attempts at the end of the month, because it is normal to receive an invoice during this time. Other types of fraud attempts come around Christmas and when people expect to get a tax settlement.
Criminals take advantage of current events in society to create credibility. We expect a new wave of scams towards the end of next month as well. There is no indication that they will quit, so I feel relatively confident about that.
If you fall into the temptation and lose money or other sensitive information like username and password, it is recommended to contact your bank and report to the police as well.
It is also important to change the password for all user accounts that have the same username and password that you lost.
More than 11,000 scam attempts have been caught
Busch explains that since the last wave, the spam filter for Telenor’s Online.no email accounts has picked up more than 11,000 emails with the scam.
– Only a few have passed through our filter. We don’t have an overview of what goes beyond that for other email clients, but I suspect the range is large, he says.
The number does not surprise the security expert.
– My experience is that this happens in waves. The number may have been higher earlier this summer, but 11,000 is a high number, although perhaps only a fraction of the emails sent. So, yes, there are a large number, but I’m not surprised, He says.
New rules challenge scammers
After the European Union from January 1 of this year introduced new and stricter requirements for e-commerce in the EU and the European Economic Area, the scammers also had to change their approach. It no longer works with card details or account number only.
In Norway, most people have probably experienced that they also have to use the bank ID version, either by code chip or via mobile phone if they want to transact or shop online. New methods of fraud now increasingly mean that the victim must also provide this information.
– It’s somehow an ingenious way to cheat. Criminals make victims do all the work for themselves. They are getting increasingly good at using more tools to make the scam attempt appear credibleBush says. The goal is always the same, to get information or money from the victim. The method is often referred to as phishing.
Criminals have also taken advantage of the fact that as a result of the pandemic many are becoming more isolated and that elderly people especially those with limited digital proficiency can easily limp, if they do not have those around them who can give an additional assessment of the content.
What can you do?
Busch lists six points you should keep in mind when receiving emails that may appear suspicious.
- Take your time when reading emails. Stop – think – check. Ask yourself what the dispatcher really wants you to do. Do you expect such an inquiry?
- Find out if you are actually entitled to a refund. Visit the online bank and see if you have been charged twice already.
- If you are unsure of the content of the email, do not click on the link or open the attachment. Alternatively, visit the official website of the sender. If the content of the email is real, you will find the same information when logging in to My Telenor. You can also contact Telenor customer service at 915 09000.
- If an invoice, credit note, or equivalent is attached to an email, never provide sensitive information, card information, or bank ID information on websites to which you are redirected via links.
- Call a friend, colleague, or family member. Discuss the content of the email. Such a conversation is often seen as necessary and useful.
- Google email content. You will not be the first to be subjected to phishing attacks.
Read also: Police, DNB and Telenor team up to prevent fraud by seniors
Maybe this is something we have to learn to live with
Busch states that Telenor, in addition to its spam filter, also has a “Nettvern” service to prevent customers from accessing malicious sites, trying to remove phishing sites when they learn about them and consciously working with public information targeting customers about the risks.
Is this something we will never get over?
Perhaps this is something we have to learn to live with. We can’t run after criminals. You cannot have complete control and overview of all incoming calls, texts and emails. What matters is public information and that we are aware of new methods that scammers are constantly using.
– I too could be fooled. I’ve seen some pretty good and cunning attacks, and it mainly depends on how good they are, says the security expert.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”