Third parties licensed by the National Communication Authority to provide Value Added Services (VAS) have been known to perpetuate unsolicited subscriptions among mobile phone users in Ghana.
But how they go about it has been a mystery to many.
A Luv News investigation has found that some have largely been carrying out their operations through local and regional adult websites.
10 months after the exposé on unsolicited subscriptions, Luv News decided to revisit 28 participants in the first survey whether they’ve inadvertently re-subscribed to some of these services.
Unfortunately, 12 of them had been experiencing recurrent unsolicited subscriptions.
After several questions, it came out that the victims had them through some popular local and regional adult websites. These are Empressleak, Totoleak and Ugandanporn.
Empressleak is back for bad
In August 2020, the website which was implicated in sextortion was shut down by the Ghana Police service following the owner's arrest.
However, the website resurfaced in just a matter of 3 months!
Services like Playinc and UGZ, which charge GHs 0.5 and 0.25 respectively every day were the subscriptions they’d ‘contracted’ from Empressleak.
Totoleak and Ugandanporn are also sites frequented by the victims. Four victims who confessed to visiting these websites had acquired Fanmoby Daily or Bid n Win, both of which charge GHs 0.21 daily and UGZ.
Our confirmation
Luv News decided to ascertain their statements. We, therefore, visited these adult sites and clicked on the videos.
We found that a subscription message followed as soon as we clicked on a video.
We again found that some prompts can take 2 hours before appearing on the phone.
That means after unsubscribing from, for instance, UGZ, as soon as a user clicks on another video, the subscription message will appear but will not immediately show. It can take about two hours for a subscription to show.
Therefore, victims do not notice they’ve been put on these subscriptions, as early checks will reveal nothing.
What is UGZ
In my investigations, I chanced upon a message a mobile phone user sent to Vodafone Ghana on this service which is yet to receive a response.
“I open the SMS only to see that I have a subscription to UGZ ... What koraa is UGZ?” the user quizzed.
I’ve been trying to get answers from Vodafone Ghana about what UGZ, Playinc and Fanmoby subscriptions are all about, and on three occasions, they failed to explain.
Interestingly, I happen to find complaints about this subscription on parkistancomplaints.com.
Vulnerable telcos?
Luv News decided to present the situation to a cybersecurity expert at the Kwame Nkrumah University of Science and Technology, Dr. Emmanuel Ahene.
After going through these websites, he instantly labelled them phishing sites, a website set up to steal your identity, or at least part of it.
Dr. Ahene identifies vulnerabilities in the telco's systems which can be exploited. First, he says that some telcos may lack intelligent security controls.
“If the telecom provider doesn’t have security controls that are more intelligent or if the telecom provider has security controls that have vulnerabilities, then it’s possible for the VAS providers that are malicious to exploit these vulnerabilities to get people subscribed without their consent,” he said.
Secondly, he notes VAS provider aggregators, who put all VAS providers together and deal with the telcos can also exploit vulnerabilities in the telcos system for revenue.
“It’s possible these aggregators if they're malicious, can exploit the vulnerabilities.
Last, Dr. Ahene says if the telcos have a much more secure system, malicious VAS providers can collude with certain websites and embed malicious links to get people to subscribe.
“There’s where you find certain VAS providers using all means of getting subscribers, using all means to embed links in certain platforms to get people to subscribe,” he said.
User protection
Fortunately for users, the telcos have recently been doing well with providing a short code to unsubscribe in case of unsolicited subscriptions. Victims should dial *463# for Vodafone, *175# for MTN and Aitel Tigo, *100#.
However, the subscription process for Vodafone can be cumbersome as it involves more than four steps to unsubscribe as compared to MTN and Airtel Tigo.
Again, he recommends using website content checkers such as virus total and google site checker to know if the website has malicious threats.
Value Added Service providers are searching for every crevice to make revenue; it has become essential for mobile users to observe extra caution when surfing the internet to be free of unsolicited subscriptions.
Latest Stories
-
Fugitive Zambian MP arrested in Zimbabwe – minister
29 mins -
Town council in Canada at standstill over refusal to take King’s oath
40 mins -
Trump picks Pam Bondi as attorney general after Matt Gaetz withdraws
52 mins -
Providing quality seeds to farmers is first step towards achieving food security in Ghana
1 hour -
Contraceptive pills recalled in South Africa after mix-up
2 hours -
Patient sues Algerian author over claims he used her in novel
2 hours -
Kenya’s president cancels major deals with Adani Group
2 hours -
COP29: Africa urged to invest in youth to lead fight against climate change
2 hours -
How Kenya’s evangelical president has fallen out with churches
2 hours -
‘Restoring forests or ravaging Ghana’s green heritage?’ – Coalition questions Akufo-Addo’s COP 29 claims
3 hours -
Ensuring peaceful elections: A call for justice and fairness in Ghana
4 hours -
Inside South Africa’s ‘ruthless’ gang-controlled gold mines
4 hours -
Give direct access to Global Health Fund – Civil Society calls allocations
4 hours -
Trudeau plays Santa with seasonal tax break
4 hours -
Prince Harry jokes in tattoo sketch for Invictus
5 hours