How Kenyans are Losing their Airtime Online

kenyans losing airtime

Cases of people losing their credit mysteriously is becoming quite rampant. Safaricom, the market leader, accounts for the most complains of this nature.  Up until now the telecoms have done very little to sensitize their customers on how their credit is being lost.

Some have claimed the reason for this laxity is because they also profit in the process. A claim that has recently been exacerbated by an open letter to Safaricom which claimed that some of the employees of a telecom giant are complicit in running companies that swindle Kenyans of their hard earned airtime. Such companies run those so called premium services that charge your credit for services like games, music, and video downloads among others. This could explain how some people have been finding themselves being subscribed to services they didn’t opt into in the first place.



Personally, like the majority of you, I’ve never subscribed to such services. Reasons, one they’re expensive as hell and two I see no need to download substandard content while I can get them elsewhere at the cheap price of free. Such is the case of games which are awash in the store. Nevertheless, they do appeal to some, the only problem is when you find out you’ve been unknowingly subscribed to one of these services. What’s even worse is that you might find that you’re subscribed to multiple services at the same time and some are charging you every other day of the week. Top up and they waste no time taking their cut.

So after a lot of noise from Kenyans, Safaricom has sort of yielded and are running a kind of “campaign” to alert their subscribers if they have active premium services. I don’t know about the rest of you but every couple of days I get an SMS alert from Safaricom telling me I have an active premium service. That service I’m well aware of since it’s my bank’s mobile banking USSD service. If you’re not getting such notifications it’s about time you checked whether you have an active service. I’ve since written a post on how to unsubscribe from premium services on Safaricom, Airtel and Orange. Go ahead and unsubscribe now if you haven't.

Safaricom Active Premium Service
Safaricom Alert on Active Premium Service

Now that you’ve hopefully unsubscribed from such services you should learn how to not fall for this unscrupulous services in the future. The ones advertised on TV or Radio seem legit not to mention you have to send a message to get subscribed in the first place. The real threat however as I’ve come to learn is over the internet. That’s where this bastards are flourishing so to speak.

You must have at one point come across some interesting animations or pictures while you surf on your phone or computer and even when using some apps on your phone. Something like “Your phone is infected”, “You’ve been selected…” “You’ve won…” blah blah blah, the list goes on. Now for the tech savvy they can instantly recognize this as merely Ads and can easily skip over them if they wish to.

However some people do mistake them for being part of the site they’re browsing and if whatever is being claimed there catches their attention, they go ahead and click it. Still, if you don’t click them knowingly chances are that you’re going to by mistake owing to how these ads are strategically placed on mobile sites or apps. Too bad our fingers don’t have the same accuracy of the mouse pointer.

And it’s not just ads. Clicking actual links on some sites may launch pop up pages (or the less intrusive though equally risky new variant aptly titled pop unders) instead of taking you to the page you wanted. These pop ups contain similar ads.

The problem however are not the ads. Actually were it not for ads most sites would never see the light of day. The problem is the content, and in our case the ads are either misleading or outright malicious. Such is the case of some of this premium service companies, who are now capitalizing on the fact that most people nowadays have internet capable smartphones and have shifted to using internet ads to subscribe you into their services in very scheming ways. Let me give you a real world scenario here that I experimented with:



Exhibit One: Your Phone is Infected! You don't say!

1. You go to a site e.g  m.example.com

2. You see an ad that catches your attention like the one below.
Phone is intefetced ad
You don't say!

3. Scared out of your wits you decide to “remove virus now”. Reason? Your phone is quite new and pretty expensive so you’re not taking any chances with anything foreign, be it dirt, bacteria or this so called Viruses.
4 viruses were found
Virus get ready to attack! 1,2,3...

4. What? Not just one virus but four, and they’re going to damage my sweet phone and am going to lose my contacts. What’s more it’s Google that has done the scan. This is pretty serious! Soon or later I’ll have to click that big blue button that says “Remove viruses!” or else this 2 minutes will time out.

5. If you are among the few that don’t fall for that and decide to go back you’ll get an even more convincing warning. This time from the phone and not the webpage so that it looks even more serious. The wording is also contradictory to trick you into pressing the Ok button to continue. Ok it is!
Virus Prompt
Now should I press Ok or Cancel? You lost me there!

6. Another scan on a much fancier page this time round. It actually looks like an actual antivirus. No sign of Google or the four viruses but still it claims the system is in danger. Hit the clean button to get if from danger! Baam, you waste no time trying to get it to “safety”.
Protect Plus Fake Scan
Get it to safety then!

7. Huh? You’re going to scan with Messages or Whatsapp. Ok, fine by me, just make sure you get rid of the virus or is it viruses.
Complete Action
Just get rid of the viruses already!

8. Yes I want to confirm that I want to protect my phone. Please take my credit while you’re at it!
Subscription SMS
Yes I confirm!

9. Well, if protecting your phone means losing your credit mysteriously every now then, be my guest and hit the send button.

You’ve to give credit to this bastards for being ingenious. Who thought it would lead to that? I wish I had gone along with the scam to see where it led but of course I didn’t hit the send button. But it’s obvious that whole process was just to get the number then send me download link to a "fake antivirus" or "game", who knows.

The scanning was all fake and not to mention using the Google logo was a big red flag. Also if you read the rather unreadable disclaimer you’ll notice it clearly states that “Any tests, games and/or applications featured in this page are for entertainment purposes only”. The company then goes on to list its address and contacts, apparently it’s from Edinburgh (UK) but also gives a Kenyan number for contact. Doing a WhoIs search on the webpage address (protect.plus) claims the company is from California (US) while the address that redirected me to it (sendinger.com) didn’t reveal anything important as it’s protected by WhoIsGuard. It could be this is not just a Kenyan thing but global one after all.

This is just one example I decided to go along with and actually it’s “less malicious” in that it actually expects you to send an actual subscription SMS. So I went digging for another one and my suspicions were proven true.

You don’t really have to send an actual SMS for you to get subscribed. Just hitting a button in a webpage will do all that. I did exactly that but I made sure I had zero credit beforehand. The result was as follows:


Exhibit Two: We made Subscribing Easy... Super Easy!

1. Clicked the big fancy Continue Button
Continue Button
Subscription Page

(this was from an actual link and not and ad and so somebody would be expecting to continue to the site and not a premium service)

2. Immediately with no warnings got the following SMS:
Top Up to Subscribe
Top up? In your dreams!

3. The Webpage then loaded this:
Error
You should be sorry!


If I just had twenty shillings in my account that would have been the end of it. In a week they stand to make a whooping KES 60, and for what? They don’t even say what you’re subscribing to. Just some big button to subscribe you.

They can however easily justify such an action by claiming that the subscription page has information regarding the service and what it costs. But the truth of the matter is that the text is quite small to notice and even for some to read. Still, who even has the time to read that after interrupting what might have been an engrossing browsing experience? Talk about some social engineering.

I think now you get the point. This may be just how you're getting subscribed to these premium SMS services without your knowledge.



Protecting your Airtime over the Internet

1. First rule, don’t even think about clicking that questionable ad
If you do for the fun of it or by mistake don’t press any link or button on that page. Simply close that webpage or exit the browser.

2. Keep away from bad sites
If you see a site keeps loading pop ups or redirects you to ad pages or has those questionable ads just keep away from it. If that site is very important to do without consider installing add-ons that block scripts (e.g noscript or uBlock Origin  for Firefox Mozilla), flash (e.g flashstopper for Firefox Mozilla) or ads. Doing this may however affect the browsing experience.

3. Don’t ever enter your number on a webpage that you don’t trust
Also have the courtesy not to enter somebody else’s number because they may get a confirmation message and fall for it.

4. No browser is immune to all this
Not even those simple browsers a.k.a mini-browsers (opera mini, uc mini etc.) that don’t run scripts. Actually I believe those are the main targets because more people use them. In the above tests I used these two, however Opera Mini fared better because of its ad blocker. So, be always mindful of what you click regardless of the browser you're using.

5. Some apps do run these type of ads too
I've seen the "phone is infected" one on somebody's Android phone and the owner prior to asking me, had actually believed that the phone was infected. Now I'm all for developers making money but not by running such kind of ads. So as user what you could try is:
  • Just avoid clicking such misleading ads. I think this is best option for everyone.
  • Disable the internet when using such apps, that's assuming the app doesn't need internet to run.
  • If the app is really good, you can always support the developers by buying the paid app that don't have ads.
  • Get an alternative app that doesn't have ads.
  • Install a system-wide ad blocker. You may have to root your android phone for this to work.


PLEASE DO NOT SPAM

Emoticon