; the scope is probably large.
Thousands of people have received emails saying they have been double charged for their invoices and can claim a refund from Telenor. This is just the latest wave of fraud attempt, we will probably never get rid of the problem.
- Customer service has received several invoice forgery inquiries. People mainly ask if the email is legitimate and some people call to report the scam. There are also a few who say they were fooled, says Telenor's senior security advisor Thorbjørn Busch.
Telenor warns against e-mails sent in recent weeks that impersonate a company
They are asking for a refund request
“Hello, dear customer, we inform you in writing of an error when paying the bill for June 2021. A technical error occurred during the payment process from our servers. Therefore, we encourage you to apply for a refund by completing the return form. "
The e-mail has the Telenor logo and includes a link to a website where you can log in to "request a refund". There are clever criminals behind this attempted fraud. The goal is for the user to click on the link.
- There are probably foreign supporters behind this attack. The origin of the email confirms this suspicion. There is a lot of evidence that the text was translated using Google translator or its equivalent, says a security expert. And that criminals deliberately use social manipulation.
Social manipulation
- Fraudsters assume that the recipient is blindly looking at the content and getting carried away. Therefore, some typos quickly become irrelevant when you are under stress and time pressure.
It is recognized that criminals deliberately set a very short deadline for action, often for fear of closing your subscription or not receiving your money if you react quickly enough.
Smart fraudsters often send such attempts at the turn of the month because it is natural to receive an invoice at this time. Other types of fraud attempts occur around Christmas and when people are expecting tax settlement.
- Criminals use current events in society to build credibility. We expect a new wave of fraud attempts also towards the end of next month. There is no sign that they will quit, says Thorbjørn Busch.
If you've been tricked into losing money or other important information, such as your username and password, it is advisable to contact your bank as well as report the matter to the police. It is also important to change the password on all user accounts that have the same username and password as the lost ones.
. Over 11 fraud attempts were intercepted
Busch says that since the last wave of the spam filter for Telenor's Online.no email accounts, more than 11 emails were caught using this scam.
- Only a small number passed through our filter. We don't have an overall picture of what goes beyond customer email, but I suspect the coverage is large, states Thorbjørn Busch.
- In my experience it happens in waves. That number may have been higher earlier this summer, but 11 is a high number, although it's probably only a fraction of the emails that were sent, he says.
The new rules challenge cheaters
After the EU introduced new and more stringent requirements for e-commerce in the EU and EEA since January 1 this year, fraudsters also had to change the way they behave. Only the data from the card or the account number is not enough.
W Norway most people has probably experienced that they also have to use BankID, either via a code chip or mobile phone, if they are to make transactions or purchases online. New fraud methods increasingly mean that the victim must also provide this information.
- In a way, this is a brilliant method of cheating. Criminals force victims to work independently. They are making better and better use of more and more tools to make an attempted fraud appear plausible, says Busch. The goal is always the same, to extract information or money from the victim. This method is often referred to as phishing.
Criminals have also taken advantage of the fact that many have become more isolated as a result of the pandemic and that especially older people with limited digital competences can then become easy targets if they do not have someone around to help them.
What can you do?
Thorbjørn Busch senior security advisor at Telenor lists six points to keep in mind when receiving suspicious emails.
- Take your time reading emails. Stop - think - check. Ask yourself what the sender is really expecting.
- Find out if you are actually entitled to a refund. Visit the online bank and check if you have actually been charged twice.
- If you are unsure of the content of the email, do not click on the link or open the attachments. Instead, visit the sender's official website. If the email is correct, you will find the same information after logging into My Telenor. You can also contact Telenor customer service.
- If an invoice, credit note, or equivalent is attached to the email, never provide confidential information, card details or bank ID information on linked sites.
- Call a friend, colleague, or family member and discuss the email. Such a conversation will often be perceived as necessary and useful.
- Google the content of the email. You are not the first to experience such phishing attacks.
. I guess it's something we have to learn to live with
Busch says that in addition to the spam filter, Telenor also has a "Web Protection" service. This prevents customers from accessing malicious sites by blocking phishing sites. Consciously working also with public information directed to clients about the danger.
Is this something we will never overcome?
- This is probably something we have to learn to live with. We cannot run after criminals. It is not possible to fully control and view all incoming calls, SMS and e-mails. It is public information that matters and that we are aware of the new methods that fraudsters are constantly using. I am also fooled. I've seen some very good and cunning attacks, and it essentially depends on how well packaged they are, says security expert Thorbjørn Busch.
Read our next article: NAV and 968 Social Fraud Reports
If you are interested in this article, please leave a thumb. In this way you assess the degree of interest.
