Scam messages are circulating in the name of telecommunications operator Elisa, promising a loyalty reward and directing to a phishing site. Recently, Finns have been sent scam messages particularly related to Suomi.fi, the Tax Administration, and Kela, but also in the names of Spotify, Netflix, OmaPosti, and Aktia. Elisa advises being critical of links received via email and never providing login credentials through links. The company also recommends changing passwords immediately if you suspect you have given your login details to the wrong hands. How many people have fallen victim to the Elisa scam and what financial losses have occurred remains unclear.
Fake text messages claiming to be from mobile operators EE and Vodafone and promising rewards from their rewards schemes are circulating. EE first heard of the scam two months ago and since then 265,000 people have reported the fake text messages. EE does not offer a points-for-rewards scheme. Vodafone has the VeryMe Rewards scheme but says it never refers to it as the 'Vodafone Rewards Club', which is what it is called in some texts. The exact number of victims and total financial losses from the EE and Vodafone reward points scam have not been disclosed.
If you get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up.
The messages were sent via RCS, a more advanced type of messaging than SMS, and EE is unable to block them, unlike SMS, which it can. EE is working with Apple and Google on the problem. Vodafone's customers are mostly not receiving the texts labeled as coming from Vodafone because RCS is not enabled by the carrier on iPhones. People on other networks are receiving the scam texts. Whether there is any coordinated law enforcement action targeting these scams across different countries is unknown.
A new warning has been issued to iPhone users over a scam involving fake Apple Pay 'fraud alerts' via text message. The scam claims a fraudulent transaction was made via the victim's account, requiring immediate action, such as moving funds to a 'safe account', withdrawing cash, or sending money through Apple Pay or gift vouchers. The text is made plausible by the use of stolen personal details. Consumer advocacy organisation Consumer Affairs explains that the scam relies on social engineering rather than breaking into computer systems. Apple Pay itself is secure, but scammers exploit trust in the brand and the speed of digital payments. The specific methods used by scammers to obtain personal details for the Apple Pay fraud alert scam are not detailed.
Apple advises that if you receive a suspicious text of this nature, you should take a screenshot and email it to reportphishing@apple.com. Apple, along with other tech firms such as Microsoft or Google, will never contact you asking you to call a number or link to a specific website. The effectiveness of current countermeasures by telecom operators and tech companies in preventing these scams is still being assessed.