Terms and Conditions
Scams and hoaxes
Scammers use a wide variety of methods to impersonate legitimate businesses and organisations to obtain personal and private information. Known as phishing, these scam websites, emails and text messages can be difficult to spot. Try to look out for incorrect spelling and grammar, and poor layout, imagery and styling. For more information, head to the Scamwatch website.
What to do if you receive suspicious correspondence or calls claiming to be from Lebara
Scam emails and text messages
If you receive an email that is unknown, unsolicited or you suspect to be fraudulent including messages with a one-time code that you didn’t initiate, this is what we advise:
- Don’t reply to email
- Don’t provide any personal details
- Don’t click on any links
- Don’t open any attachments
- Don’t call any numbers associated with the email
- Don’t share any content of the email with anyone
- Email a screenshot of the message to firstname.lastname@example.org
- Report the email to Scamwatch
- Email email@example.com and provide a screenshot of the suspected fraud message, the date and time you received it, how many times you received it and your mobile number.
Scam phone calls
Lebara only calls our customers from selected numbers. If you receive a phone call that you suspect is fraudulent, this is what we advise:
- Don’t give the caller any personal details and hang up.
- Check that the call is coming from a number that’s not a number that we use (02 8015 6314).
- Block the caller/sender’s number using your phone’s built-in call rejection features or by downloading an app to restrict incoming calls and messages.
- Let the call go to voicemail and then listen to any message left to ascertain if this might be a genuine call.
- Report the call to Scamwatch
- Report the email or SMS to Scamwatch
- Email firstname.lastname@example.org and provide the date and time you received the call, how many calls you received in total and your mobile number.
Scam websites can be difficult to spot. Try to look out for incorrect spelling and grammar, and poor layout, imagery and styling. If you come across a website that you suspect is fraudulent, this is what we advise:
- Don’t click on any links
- Don’t call any numbers associated with the website
- Report the website to Scamwatch
- Email email@example.com and provide a screenshot of the website, the date and time you accessed it and your mobile number.
Latest known scams
You may have recently received an SMS message, claiming that you have had a missed call or voicemail. These messages are generated by Malware called Flubot, which spreads via SMS messages and can infect customers with Android devices on any mobile network. We have also seen variants of the Flubot message, purporting to be from a courier service asking the end-user to install a tracking app through a link that will infect the device with malware. If a user clicks the link and installs the app, the malware will take over the device and send texts to the infected user’s contacts.
An easy way to identify these messages is the badly spelled wording, such as:
my86 Your service provider zas sent you a nee notice: <LINK>
wfq5cm Voicemail: You have 1 new Voicemaill (s). Go to: <LINK>
If you receive an SMS like this, do not click on the link and please forward a screenshot of the message to firstname.lastname@example.org. Delete the SMS as soon as possible. It is important to point out that just because you have received the message, this does not mean your device has become infected.
If you click on the link, you will be taken to a web page that may look like a genuine site with branding that you are familiar with. You may be prompted to install an app, so you can listen to the voicemail message. If you give permission to install the app, the Flubot malware will be installed onto your device. The malware may be able to access your contacts list and access your personal information if you use your device while infected. You may also receive texts or calls from random numbers stating that you have sent them an SMS, which you will have no knowledge of.
How will customers know if it is a scam?
One of the easiest ways to identify these messages is from poor wording or incorrect spelling.
What should customers do if they receive the message?
If a customer receives any SMS they do not recognise, they should not click on the link and delete the message as soon as possible. Just because a customer has received the message, it doesn’t mean their device has been infected unless they have clicked on the link and the app has been installed.
If customers are expecting a delivery, they should go to the company’s website to track their package. They should also only access voicemails via their voicemail inbox.
What should customers do if they have been infected?
If a customer has been infected, they will need to remove the malware by ‘cleaning’ their device by following one of the steps below. They should not enter any passwords or log into any accounts until this is completed.
To clean a device, users can:
· contact an IT professional
· download official Android anti-virus software through the Google Play Store
· perform a factory reset of the phone.
Performing a factory reset of a phone will delete all data including photos, messages, and authentication applications.
Wangiri fraud is when you receive missed calls from international numbers you don’t recognise on either a mobile or a fixed-line phone. The fraudsters generating the missed calls hope that their expensive international numbers will be called back so that they can profit.
If you receive calls like this, be assured that you haven’t been specifically targeted. It’s likely that the fraudster has generated a missed call to a whole range of mobile numbers that happens to include yours.
What should you do if you get a suspected Wangiri call?
We recommend that you don’t return calls to international numbers that you don’t recognise. Calls to Wangiri numbers will often result in a charge being incurred and only encourages the fraudster to generate more missed calls to customers who choose to call back.
If you think you’ve had a missed call from an international number that may be involved in this scam, let us know. Just send an email to email@example.com and provide us with your mobile number and the international number you received the nuisance call from plus the date & time of that call.
What’s being done to address this issue?
We proactively monitor our network for Wangiri activity and shut down new fraudulent international numbers and number ranges as we find them.
This is an issue affecting customers of mobile and fixed line operators around the globe, and we’re working with a number of different operators and industry groups to reduce Wangiri fraud levels.
The missed call scam
Mobile phone users across the globe are being targeted by overseas callers who make huge sums of money when the receiver calls back on the unknown number from which they missed a call. This is known as ‘Wangiri Fraud’. This type of fraud is not specific to Lebara and appears to be on the rise.
Fraudsters call from international destinations. They will call a user and disconnect the call promptly before it is answered. They then wait for the person to call back. These numbers are charged at premium rates and, if the caller calls this number, they are hit with significant charges.
What happens if you do answer the call or call the number back?
They will engage you in a conversation and try to trick you into revealing details that can be used to defraud you.
What should I do?
Do not answer a call from an overseas number unless you recognise the number or are expecting the call.
Do not return a call to an overseas number unless you recognise it.
Do not give out any personal or business information such as banking or credit card details, pin numbers, birth dates or personal names and addresses.
Do report the call and the number to Lebara be emailing firstname.lastname@example.org to help us fight back against the fraudsters.
Fraudulent Facebook pages
Some of our customers have reported buying phones from facebook pages claiming to be Lebara. We have one facebook page at facebook.com/lebaraau and in which we never sell products through. Do not send money to anyone on facebook claiming to be Lebara and report by emailing email@example.com.
How to protect your device.
Here are some ways to protect your device:
• Make sure to use strong PINs and passwords and change them regularly. Avoid easy to guess PINs and passwords like ‘123456’, ‘000000’ and ‘password’.
• Lock your mobile handset and voicemail with strong PINs.
• Think carefully before clicking on a link or opening suspicious emails and attachments.
• Pay attention to your app permissions (what your apps are allowed to do and access, e.g. location, call history, etc). Only allow necessary permissions.