back to article Wham, bam... premium rate scam: Grindr users hit with fun-killing charges

Malicious ads from third parties have been piggy-backing on the gay dating app Grindr to run a premium rate number scam. Grindr blamed a third-party network for pushing the dodgy advert, which was withdrawn after representations from El Reg. We learned of the apparent scam after hearing from Tom, a UK-based Grindr user. "The …

  1. Anonymous Coward
    Anonymous Coward

    But if you sanitize the grindr app, will it actually still be useful?

    1. Cliff

      These premium number ads are a pain in the arse.

  2. Anonymous Coward
    Anonymous Coward

    Regr

    Online

    89 centimeters away

    53 years old

    5'5" 140 kg

    Caucasian

    Tone Deaf

    Divorced

    Regr Tribes

    Lardass, Glasshole, Rugged

  3. Pascal Monett Silver badge
    FAIL

    Gotta love the excuse

    "We do have safeguards but we serve billions of ads so something might slip through"

    Translation :

    "We can't be arsed to really ensure our users' security, so we just half-assed it and when it breaks, oopsie"

    Computers do what they are told. If they are given the proper procedure to lock down incoming data, that procedure will be applied on ALL incoming data. Computers don't just skip something every now and then - not when they are properly programmed.

    What Grindr is actually saying is that they cannot properly lock down ad security because they would be limiting the number of ads they can serve. Which, in turn, means that those ads are doing fishy things in great numbers, but Grindr prefers the revenue (duh).

    Once again, consumers are left hanging in the wind in the eternal battle between money and security. And money wins every time.

    1. Friendly Neighbourhood Coder Dan

      Re: Gotta love the excuse

      Don't really know how it exactly works - but if they have a way to filter ads from a certain source, they will just serve more from another one? Again, I might be wrong.

      If it is the case, they don't even have the excuse of loss of revenue...

      Also, and that's another genuine question, shouldn't it be the operating system's job that makes sure no dialing happens without making it really obvious to the user?

    2. Anonymous Coward
      Anonymous Coward

      Re: Gotta love the excuse

      "so we just half-assed it and when it breaks, oopsie""

      I guess their clients are used to that sort of thing.

  4. Friendly Neighbourhood Coder Dan
    Paris Hilton

    Are we talking about a parallel universe I'd like to live in?

    "Tom echoed concerns that gay men were cynically being targeted because they might be less likely to complain."

    Wow. Just wow.

    1. gurugeorge

      Re: Are we talking about a parallel universe I'd like to live in?

      I'm a gay man and I don't get what's wrong with that post, unless you mean that gay men like yours truly are such whiny moany little bitches that they are more likely to complain...

      1. Friendly Neighbourhood Coder Dan

        Re: Are we talking about a parallel universe I'd like to live in?

        I am a gay man too, and I do get the impression that our lot are a bit more prone to complaining about things. But it could just be my experience :-)

        Also, again maybe it's just a personal experience, but it's interesting that tongue in cheek comments about women, Windows users, straight or LGBT fanpeople, fandroids, straight men or any kind of stereotype about a category is immediately recognised as such. If it's about gay people it's likely to outrage.

        Honestly, did you find my original comment offensive? Really? Or maybe were you just trying to confirm that I was bringing up a good point there?

        1. Archibear

          Re: Are we talking about a parallel universe I'd like to live in?

          Yes, but not everyone who uses these apps can be open and up-front about their sexuality. There is still a lot of truth in the old, old joke:

          Q. What do you call a man who's up before the magistrate on cottaging charges?

          A. Married with two children.

        2. Anonymous Coward
          Anonymous Coward

          Re: Are we talking about a parallel universe I'd like to live in?

          "Are we talking about a parallel universe I'd like to live in?"

          Well personally I couldn't imagine anything much more embarrassing than having to complain to some random stranger "Well I was using this queer dating app and it dialled this premium sex number and...."

          1. not_equal_to_null

            Re: Are we talking about a parallel universe I'd like to live in?

            Why would admitting that you use Grindr possibly be embarrassing?

            1. Androgynous Cupboard Silver badge

              Re: Are we talking about a parallel universe I'd like to live in?

              There's an old story from years ago: adverts appear in porn magazines for a catalogue catering for all sorts of acquired tastes. Cheques are posted, but publication slips and apology letters sent. A month later the same. Finally an apology is sent "we're sorry, due to events beyond our control" etc. and a refund cheque issued: in the form of a giant pink cheque with "Felchers guide to Sexual Deviancy" (along those lines - I'll be damned if I'm googling for it) written in large letters on the top. Unsurprisingly not many of these were cashed.

              My point is, this sort of scam has form.

              1. The Vociferous Time Waster

                Re: Are we talking about a parallel universe I'd like to live in?

                I think the movie you are referring to is Lock Stock & Two Smoking Barrels.

            2. not_equal_to_null

              Re: Are we talking about a parallel universe I'd like to live in?

              I'm really not sure why I got downvoted there... I'll have a little rant about it now...

              As a gay man and regular user of Grindr I take offence to people insinuating (not just in the comments above, but also in the comments on this site in general) that the use of apps such as Grindr (or, being a sexually active gay man) is somehow something funny, quirky, weird or embarrassing.

              I for one am *proud* to be gay, and am *proud* that I am comfortable enough in my own skin to be honest and open about what I like to get up to.

              I resent the attempts of all the hetronormative morons in the comments fora to somehow 'shame' me and others like me just because they are repressed, illiberal stick-in-the-muds under the impression that it is still somehow the 50's.

              1. Cynic_999

                Re: Are we talking about a parallel universe I'd like to live in?

                The reason Grindr users are less likely to complain is that, like it or not, there are still a great many gay & bisexual men using such sites who are "in the closet" and would prefer that their friends, colleagues, mother, father, wife, girlfriend and/or children do not discover that they are not 100% heterosexual. Making a complaint carries a risk of exposing their secret.

              2. DavCrav

                Re: Are we talking about a parallel universe I'd like to live in?

                "As a gay man and regular user of Grindr I take offence to people insinuating (not just in the comments above, but also in the comments on this site in general) that the use of apps such as Grindr (or, being a sexually active gay man) is somehow something funny, quirky, weird or embarrassing.

                I for one am *proud* to be gay, and am *proud* that I am comfortable enough in my own skin to be honest and open about what I like to get up to.

                I resent the attempts of all the hetronormative morons in the comments fora to somehow 'shame' me and others like me just because they are repressed, illiberal stick-in-the-muds under the impression that it is still somehow the 50's."

                Maybe you got downvoted because you are an idiot. You are out and proud. Grand, good for you. Maybe there are people who are not out and proud, or even not out at all. Maybe it's illegal to be out in your jurisdiction, maybe you are gay and Catholic, and you just don't want to deal with all the crap likely to occur, so you are out to some people and not to others. Or maybe you are a private person who thinks that your sexual orientation is your own business.

                As an aside, something has always concerned me about the concept of being "out and proud". I am straight. It is part of who I am, and therefore I cannot be proud of it, in the same way that I cannot be proud that I am tall, or some other thing that is mostly genetic. I can understand being proud that you have come out if it is a deep personal battle, or one that involves societal pressures. But if one acknowledges that it is the coming out that is a reason for pride, and not the being gay itself, then one cannot simultaneously deny that there is a reason not to be out, which appears to be what you are doing in this comment. If it is fine and no problem to be gay in today's society, then there is nothing to be proud about that one has come out. One idea requires the other to survive. Perhaps this is standard knowledge, I am not up to date with the current thinking in this area.

                1. not_equal_to_null

                  Re: Are we talking about a parallel universe I'd like to live in?

                  Actually, you managed to totally miss the gist of my point. I'll make it a little more succinctly here for your convenience:

                  'Pride' in this instance is not a glitter-covered banner being waved at every opportunity, more an internal feeling of completeness and honesty with oneself.

                  All I'm trying to say is that those guys that do use Grindr shouldn't feel any embarrassment about it, as seeking out people who like the same things as you is a *totally normal* thing to do.

                  I totally understand that everyone's circumstances are different, but the important thing is that comments perpetuating the idea that Grindr or 'loud gays' (to paraphrase your crock of nonsense) are weird or somehow should shut up and be greatful they're on the whole accepted is, frankly, bizzarre and archaic.

                  I was simply trying to make the point that the casual mockery of gay culture and lifestyles creates a climate of friction, and ultimately hurts not those of us that are out and loudly proud, but those of us at our most vulnerable... the ones that are still in the closet.

                  1. DavCrav

                    Re: Are we talking about a parallel universe I'd like to live in?

                    "I totally understand that everyone's circumstances are different, but the important thing is that comments perpetuating the idea that Grindr or 'loud gays' (to paraphrase your crock of nonsense) are weird or somehow should shut up and be greatful they're on the whole accepted is, frankly, bizzarre and archaic."

                    I at no point said that "loud gays" should shut up. Or even anything remotely approximating it. I was always confused about why it is referred to as 'pride', and as I said I can understand it if it is meant as a personal struggle with understanding oneself.

                    I think you might be looking for offense -- as you said earlier that you found something offensive that was pretty harmless -- and again you appear to have decided I am anti-gay. I am anti-gay in the sense that I am anti-avocado. I don't like avocado and so I don't have it. If someone offers me avocado I will decline, but I don't see why I should care if other people eat avocado.

                    1. Ben Tasker
                      Joke

                      Re: Are we talking about a parallel universe I'd like to live in?

                      I am anti-gay in the sense that I am anti-avocado. I don't like avocado and so I don't have it.

                      So you don't like fruits?

                      Sorry......

              3. Anonymous Coward
                Anonymous Coward

                Re: Are we talking about a parallel universe I'd like to live in?

                I take offence to people insinuating .... is somehow something funny, quirky, weird or embarrassing.

                To many people your lifestyle choice is offensive - and many people would find it at the minimum a distasteful thing to discuss. So you might be offended by others being offended buts that's the way it is. I can assure you that in many pubs, work places, etc, knowledge that someone used such an app. or had non standard sexual preferences would commonly be a subject of derision regardless of if you like it or not.

    2. Anonymous Coward
      Anonymous Coward

      Re: Are we talking about a parallel universe I'd like to live in?

      Not all the world's like your little universe, Dan.

  5. This post has been deleted by its author

    1. Fred Flintstone Gold badge

      Re: permissions

      At least on iOS, you can (out of the box) deny specific permissions to apps.

      Ah, but dialling isn't one of them - instead, iOS always requires user permission for a call precisely because abuse gets picked up too late (it's a second layer of security if the app screening process didn't catch it). There are couple of things like that in iOS, you can also not intercept an incoming SMS unlike in Android. The latter is a bit of a shame because it makes encrypted SMS like the stuff from Whispersys impossible.

      However, I wonder if this may be the cause of the latest iOS update to 8.1.3 - most of the CVEs were about exceeding bounds to potentially execute malicious code.

      I don't quite buy this, though - you must be rather deep into an app's code to make it do something COMPLETELY different in a controlled way via an inserted ad, that's an awful lot of barriers to overcome just to clock up some premium rate profit. If you're that talented I'm sure there are more interesting targets out there. Something grinds here (sorry).

      1. This post has been deleted by its author

  6. Elmer Phud

    The iOS version

    Ah yes, the 'safe option', the fanbois mantra.

    IAnything -- pwnd from the start

  7. Richard 1

    £1 per second? I don't think so.

    According to Ofcom, the most expensive call you can make in the UK is £2.60 per minute from a landline and £2.50 per minute from a mobile. I always enjoy these "I was charged £2,500 per millisecond" claims. No, you weren't. You must have been on the call for quite some time for your £30,000 phone bill. ;)

    1. Chris King

      Re: £1 per second? I don't think so.

      Yep, total bollocks on that "pound per second" thing. PhonePayPlus says:

      Check a Number - Result

      PhonepayPlus has the following information about number:

      09136660010

      Customer care number: 0203 455 0849

      Customer care email: techandcommunication@gmail.com

      Search result provided by: Technology and communication Limited

      Service connected on: 01 December 2014

      Service terminated on: This service is still operating

      Name of service: Recorded Football Stars

      Type of service: Entertainment - non-adult

      Service description: A listening more funny sentences of European footballers.

      How much does this service cost? £1.53 per call & £1.53 per minute

      If you would like to find out more about this service or have a question about it then you should contact Technology and communication Limited

      Unit H, 12/F, Legend Tower

      7 Shing Yip Street

      Kwun Tong

      Kowloon

      123

      You can bet that the contact details are fake and the London number is a VoIP line, so how was this obviously fake overseas company allowed to operate a premium rate number ?

    2. Kristian Walsh

      Re: £1 per second? I don't think so.

      Not bollocks. Note that it says "£1.53 per call and £1.53 per minute". How short can you make a call? Just connecting and hanging up will incur the "per call" charge.

      (Phone billing systems always show a completed call as being at least 1 second long even if it's shorter... customers complain if they see themselves being charged for "00:00:00" durations on their bill)

      There are two parts to a phone call charge. The first is the setup charge: the amount you pay just to have the connection established. The second is the duration charge, levied per minute. Either of these can be set at zero for a premium number (but not both, obviously).

      Some services charge extremely high setup charges with no duration charge - e.g., voting lines for those TV "talent" shows: your call might be only 5 seconds, but you're charged £1.00 for it.

      This is often presented in the advertising as "calls cost no more than £x.xx from a BT Landline".

      Because these numbers are short-duration calls (the remote end plays you a canned message and then hangs up very quickly), they're ripe for automated-dialler scams.

      1. Graham Marsden

        @Kristian Walsh - Re: £1 per second? I don't think so.

        > Note that it says "£1.53 per call and £1.53 per minute". How short can you make a call? Just connecting and hanging up will incur the "per call" charge.

        Yes, if you connect and hang up one second later, you will be charged £1.53, but that's not the same as "the number concerned charged £1.53 per second".

        1. dogged

          Re: @Kristian Walsh - £1 per second? I don't think so.

          > Yes, if you connect and hang up one second later, you will be charged £1.53"

          Surely you'll be charged £3.06?

          1. Alan Brown Silver badge

            Re: @Kristian Walsh - £1 per second? I don't think so.

            Normally the flagfall is charged as soon as the line connects and the recurring charges kick in at 59 seconds.

            One of the nastier ways of scamming people is to have the malware make a lot of 3 second calls.

  8. This post has been deleted by its author

    1. mark 177

      Re: the solution is simple...even simpler

      Tell your phone provider to activate "barring of all premium rate calls" on your phone....or find an app to do it (I'm sure there are some out there...)

      1. Alan Brown Silver badge

        Re: the solution is simple...even simpler

        root+adblock plus.

        Too hard for the average punter though, gay or not.

      2. DavCrav

        Re: the solution is simple...even simpler

        "Tell your phone provider to activate "barring of all premium rate calls" on your phone....or find an app to do it (I'm sure there are some out there...)"

        Ah, don't we have a problem with an app doing that that this is one piece of software blocking another? I cannot find it now, but I remember an article explaining why you cannot have a software-enabled global bar on something: broadly speaking, it's because one program cannot be "top priority", and definitely stop all other programs doing something, because they can just say they are top priority, and even more important than the last one, and switch the thing back on.

      3. Peter Simpson 1
        Thumb Up

        Re: the solution is simple...even simpler

        In the US, it's called a "third party billing block" and I've activated it on all my accounts.

        Just call your carrier and tell them to put one on your account. it shouldn't cost anything.

        1. Hans 1
          WTF?

          Re: the solution is simple...even simpler

          >In the US, it's called a "third party billing block" and I've activated it on all my accounts.

          >Just call your carrier and tell them to put one on your account. it shouldn't cost anything.

          You do not understand the problem.

          The problem is that apps can make phone calls, even ads ... this should not be possible - all they should be allowed to do is display the built-in dialer, period - an then, ads should not be able to do that either - they should be display only. An ad could call a tollfree number and cutoff at the first ring to gather ppl's phone numbers - this should NOT be possible.

          Saying that you have to give the app permission on Android is fucked up - you either give permission or you cannot install the app. iOS is only slightly better because you have to confirm you want to make a call. All utter crap ...

          Besides, maybe some people use premium services

          A happy BB10 user - we get none of this crap. Feels sad for those using security sieves ... but then again, if you are reading this, "you should know better™".

    2. Phil O'Sophical Silver badge

      Re: the solution is simple

      Give every telco customer the right to repudiate any premium-rate item (call or SMS, including reverse-billed) on the bill.

      Oh great, you mean I can be reimbursed for all the charges I ran up on the sexchatline last night when I was drunk?

    3. casaloco

      Re: the solution is simple

      Just allow you to refuse to pay them and make it a civil matter fr them to collect the money directly.

      The problem with premium rate numbers is your phone company demand the money from you, gives it to them, and then leaves you to try to recover the money, despite you having no direct contract with the premium rate "service" provider. There is, as far as I know, no other customer relationship like this anywhere else. As a concept, that system simply wont work due to how open to abuse it is.

    4. Alan Brown Silver badge

      Re: the solution is simple

      "Give every telco customer the right to repudiate any premium-rate item (call or SMS, including reverse-billed) on the bill."

      Telcos love premium rate numbers, as they get around 30% of the billable income.

      Ideally they should be jointly and severally liable for such things (as with Visa) but as soon as it gets difficult (ie, someone files legal action), they'll wipe it off the bill and hand it off to the premium provider who then normally farms it out to a collection agency.

      Telcos win both ways, because they usually charge the premium rate providers for services even if they wipe charges to the endusers - a customer of mine back in the late 1980s ran one of those premium rate bulletin board lines for downloading shareware and ended up being chased for thousands when customer complaints led to mountains of chargebacks (in most cases the customers pled poverty, etc).

      1. This post has been deleted by its author

  9. Stuart 22

    Capping Calls

    Security should be multi-layer precisely because you can't exclude flaws in any layer to allow this sort of thing to happen. Which, in the end means if the scam works, you don't end up with a heavy bill.

    Capping bills is the ultimate protection. Tesco Mobile do it (you specify the maximum extra cost in extra charges you will accept which you can easily change if you are going to do some heavy roaming etc). Hence there is presumably no technical reason everybody else cannot do it. They just won't because screwing customers for unwanted services has become addictive.

    Ofcom could change that tomorrow if they put the user first. By the way anybody been to Ofcom Towers? Very plush isn't it? I guess that helps keep them in contact with the common man ... from a great height with a great view ;-)

    1. Alan Brown Silver badge

      Re: Capping Calls

      "Very plush isn't it?"

      All the better to soak up the blood.

  10. Anonymous Coward
    Anonymous Coward

    On the positive side...

    Anything that further tarnishes the reputation of advertising in general has at least served some useful purpose.

  11. Anonymous Coward
    Anonymous Coward

    So, Grindr will get their ad inventory from an Ad Exchange, who will get their ads from various Demand-Side Platforms who bid, live, on the traffic from the Ad Exchange. The ad served will probably be downloaded from a 3rd party Ad Server.

    So one of these fucked up, either the Ad Server or the DSP.

    Depending on the Ad Exchange Grindr are integrated with they may or may not have the ability to block the source of these ads.

  12. Anonymous Coward
    Anonymous Coward

    Obviously a scam

    I mean, who ever heard of a toned, clean-cut, rugged geek? Single, that might be true for once, I suppose.

  13. John Savard

    Obviously, the charges should be billed to the dishonest party who posted the improper advertisement.

    If law enforcement in, say, Belarus, or somewhere like that is not fully cooperative in this, the answer is simply to deny the country involved access to the Internet and, indeed, to long-distance telephone service. It's high time for the treaties that let 900 number dialer virus writers get away with their crimes to be reviewed.

    1. Anonymous Coward
      Anonymous Coward

      Oooh, yes, thank you, let's do this. As soon as that is in place I'll spoof some calls from a US number and get the whole lot over there taken offline for one alleged criminal activity.

      When can we start?

  14. casaloco

    Why?

    Why are these phone number even allowed to EXIST?!? There cannot POSSIBLY be ANY legal reason why anyone would knowingly pay these sort of charges. The only thing I can think of is some sort of money laundering scheme, allowing drug dealers ect to pay each other in a less traceable way.

    1. A_user65

      Re: Why?

      The so called useless 'regulator' OFCOM does nothing - and the phone companies aren't interested in blocking the numbers even if you ask them to - they'd rather you spend the money and give them their commission. Yet another multi level scam, starting with Grindr and ending with the phone company connecting the call.

  15. Anonymous Coward
    Anonymous Coward

    Grindr Scam

    This scam is typical of the previous grindr scams. Even more strange is the fact that adverts offer you the chance to meet 'young beautiful ladies' yet Grindr is a gay men's site - how the hell does that work?

    or the scam 'football scores' auto dialler high rate revenue generating scam described above - yet another one ignored by Grindr and blamed on a 'third party' that they have control over as it's THEIR app!

    Seems like these days it's full of prostitutes, dealers selling illegal substances to order, contrary to law.

    It used to be pleasant, now it's just downright skanky. As for the customer 'service' it totally sucks.

    Arrogant companies always end up losing out in the long run. The brand damaging effects of their policies and ignoring complaints is huge.

    1. Anonymous Coward
      Anonymous Coward

      Re: Grindr Scam

      "the fact that adverts offer you the chance to meet 'young beautiful ladies' yet Grindr is a gay men's site - how the hell does that work?"

      Many are that way because they are too weird to pull women, so they probably jump at the chance of returning to the modal normality...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like