26.1k unique visitors in the last 3 days

UK Telco Warns of ‘Significant Rise’ in Scam SMS

It is good that telcos are now publicly talking about scams. It would be better to independently monitor how effectively they block them.

Virgin Media O2 (VMO2) has issued a press release telling the public to ‘stay vigilant’ because of an increase in various kinds of scam text messages. The British telco asserted it has already blocked 600 million scam text messages destined for customers of its O2 mobile operator brand this year. That figure is more than double the number of scam messages they blocked during the whole of 2023 and 2024 combined.

VMO2 described the top five messaging scams that currently prevail. Experts in messaging fraud will not be surprised at the contents of their list.

  1. Fake gambling services and prize draws with hyperlinks to scam websites where recipients can supposedly claim credits or a gift.
  2. ‘Hi Mum/Dad’ messages that initiate a dialogue with a scammer by pretending to be from a son or daughter who has lost their old phone.
  3. Bogus parking fine warnings with a link to a scam website where the victim is supposed to pay what is owed.
  4. Recruitment scams that promise easy well-paid work; applications are initiated through WhatsApp.
  5. Scam messages that echo a recent glut of advertising by British legal firms offering help with claiming compensation for mis‑sold car finance; these also contain links to phishing websites.

It would be better if scam information like this was gathered using an independent honeypot that receives messages intended for customers of all telcos. This would provide an impartial comparison to ensure all telcos are doing an equally effective job of tackling scams. It would also reduce the extent to which consumer protection advice is dependent on the whims of the marketing functions of specific telcos. The way VMO2 tells the public about scams differs from the approach adopted by its competitors. Last year they ran an advertising campaign based upon an AI grandmother that supposedly wasted the time of scammers. It was good publicity for VMO2 but it saddened me to see some serious anti‑fraud professionals treating this marketing stunt as a genuine attempt to reduce scam activity. There is a political aspect to the intentions behind VMO2’s highly public approach. They would like more publicly-funded resources to be dedicated to tackling networked crime. 10 months ago, VMO2 told the new Labour government that they should devote at least 400 more police to tackling fraud. Advising the public about the efforts made by VMO2 to reduce fraud is a way of forestalling any attempt by government to blame businesses for the rise in the losses suffered by victims.

We need independent honeypots to monitor scam activity because we need better measures of how many scam messages get through to potential victims, not the number and types of messages that are already being blocked. While it is impressive that VMO2 is blocking many more messages, this tells us nothing about the risk to the public. It could mean that criminals are mindlessly ramping up the number of messages they send in a futile attempt to counteract increasingly effective automated filters. It could also mean that criminals are deliberately giving telcos the impression that filters are working by sending many messages which they know will be blocked. Their goal would be to distract from other messages that have been successfully crafted to defeat filters. The deliberate stimulation of traffic that is intended to give telcos a false sense of comfort about the effectiveness of their fraud detection controls is a practice that gangs have employed in the past. We should not be naive about the potential for experts in deception to repeat this trick.

The sad truth is that the implementation of a national scam messaging honeypot would be dirt cheap but nobody in government is willing to approve the spending of taxpayer’s money on tech like this, even though it would likely cost less than recruiting a single additional police officer. Earlier this year I persuaded BluGem, one of the sponsors of Commsrisk, to establish a basic global messaging honeypot on an entirely charitable basis. The same kinds of scams highlighted by VMO2 have also been identified using the UK numbers assigned to BluGem’s honeypot, demonstrating that some scam messages are still getting through to Brits. The international nature of the honeypot means it also offers something that VMO2 cannot provide: a comparison between the scam messages received by multiple nationalities. BluGem is willing to share its data with any government, regulator or law enforcement agency worldwide.

However, the amount of interest shown in this honeypot by Ofcom, the UK comms regulator, has been nil. I know that Ofcom employees visit this website. I also know you are busy people. Yes, I am talking to you fraud experts in Ofcom right now. I appreciate there are no plans for a UK consultation that would specifically address the reasons to use phone honeypots for consumer protection, even though India has mandated increased use of phone honeypots. And I acknowledge there is probably nobody in the Cabinet Office chasing Ofcom about the potential for phone honeypots, despite British companies like BluGem contributing a lot of time to explaining to the Home Office why not every automated radio comms device should be equated with a ‘SIM farm’. Using devices like these to implement a messaging honeypot and gather intelligence for law enforcement is still a good idea.

Academic studies in the USA have demonstrated how much can be learned by using phone honeypots to monitor scam activity. Would you not get a warm and fuzzy feeling by protecting consumers using the cheap and ingenuous tech developed by a small British firm instead of always giving preferential access to grossly overpaid lobbyists for billion-dollar corporations owned by repulsive people like the Koch brothers? What harm would be done by simply asking BluGem what they have learned about scam SMS messages received in the UK, so you can contrast it with what you have been told by network operators like VMO2?

The drawback with using cheap tech to reduce consumer scams is that the potential profits are too low to justify lots of expensive lobbying by the people who make it. So this is my meager attempt to lobby on behalf of cheap, effective consumer protection tech. If anybody is listening, please knock twice.

The VMO2 press release about the rise in scam text messages targeting Brits is here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email