Telephone, Internet, TV Consumer protection Telecommunications fraud

Telecommunications fraud

Fraud is ubiquitous these days, and criminals are becoming increasingly inventive. It is therefore crucial to stay on your guard and to protect your sensitive information.

Below is a list of methods criminals frequently use, including options to protect yourself and more information about what the BIPT is doing to mitigate fraud as much as possible.

Phone fraud

1.    Fraudulent calls or "vishing" (voice phishing)

In cases of vishing, criminals use voice communication to try and obtain personal and confidential information, such as your personal banking details. Their story often sounds authentic and can be quite elaborate, as they impersonate trusted persons, government agencies (e.g. the Finance or Justice Department, the police, the BIPT …), banks, large software groups, etc.

This is usually the first step.  Next, the real fraud is committed using your information – combined with data collected through other channels.

In some cases, special techniques are used:

  • Spoofing: in spoofing cases, the telephone number of the incoming call appears to be trustworthy, but in reality, the person calling is a scammer who is after your money or personal information. In order to do this, fraudsters use a false "CLI" or Calling Line Identification when calling their victim.

As a result, your bank's phone number may appear on your mobile phone screen, while the actual call is made by a completely different number.
Fraudulent calls with "spoofed" phone numbers that appear to be Belgian, often originate overseas. Telecommunications operators are required by Royal Decree to take technical measures to block such calls, barring certain exceptions. While this makes life more difficult for fraudsters, vigilance is still required as fraud techniques continually evolve.
 

  • Robocalls: these are automatically generated calls, using pre-recorded messages or artificial voices. Even though businesses employ these types of automated calls legitimately (e.g. for marketing purposes), fraudsters like to use the technique to obtain confidential information, such as your personal banking information.

Examples:

  • By posing as bank employees, fraudsters try to talk you into transferring money to what they claim is a secure account number, allegedly to protect you against fraud. The money then ends up in the account of a so-called ‘money mule’, however, who will transfer it to the real fraudsters.
  • By posing as help desk agents working for Microsoft, Apple, etc., fraudsters try to persuade you to install software on your computer that allows them to access your computer and your data. After that, your confidential banking details are theirs for the taking.
  • You receive a call from someone pretending to work for your telephone company, who informs you that you urgently need to update or renew your SIM card. Next, you are asked to install an app and follow further instructions.

What should you do?

If you are a victim of fraud use the Police on Web platform to report it.

2.    Ping calls or ‘wangiri’

‘Wangiri’ means ‘one ring and drop’ in Japanese. In cases of ping calls or wangiri fraud, criminals try to trick you into calling premium rate numbers by making short-duration calls – without leaving a message – hoping you will call back. If you call back out of curiosity or concern, they earn money because you will be charged for the premium rate call.

Alternative method: decoy text message: in other cases, fraudsters will send a text message inviting their victims to call a premium rate number overseas.

What should you do?

  • If you receive a (brief) call from an unknown number, always verify the number’s structure. Belgian landline numbers have 9 digits and start with a 0. Belgian mobile numbers, on the other hand, have 10 digits and are always structured as follows: 046xxxxxxx, 047xxxxxxx, 048xxxxxxx or 049xxxxxxx.
  • There are also short, 4-digit numbers that are used for SMS and MMS services. These are premium rate numbers. If a number starts with ‘+’ or ‘00’, it is a foreign number. Be careful calling these, as international calls may be subject to a surcharge.
  • If you receive a ping call, never call back!

3.    SIM swapping

SIM swapping is a technique used by criminals to gain control of your phone number. That way, fraudsters can pretend to be you and misuse your identity. This is done by taking over your mobile phone’s SIM card by means of your (stolen) personal data. Using your data, criminals will trick your phone company into transferring your phone number to a SIM card they already own. After that, you will no longer be able to call, text or use mobile data.

What should you do?

  • If your phone loses service for no reason, report this to your phone company immediately. If the company confirms your SIM was swapped, report it to the police and change your passwords right away.
     
  • In some cases, fraudsters will take advantage of the number portability option to initiate a SIM swap. Therefore, never give your SIM card number or customer number to an unknown party.

4.    Malicious and unsolicited calls

Some calls are perceived as intrusive, even if the caller does not have the intention to scam you.
 

  • If you are often harassed by the same unknown caller and would like to know their identity, you can turn to the Office of the Ombudsman for Telecommunications. On the Office of the Ombudsman’s website, fill out the ‘Application form for the identification of suspected malicious callers’. If you would like to file a complaint with the police afterwards, you can include this information in your report.
     
  • If you no longer want to be contacted by companies engaging in commercial telephone campaigns, you can register your telephone number on the “Do Not Call Me List”. As a consumer, you can register your number by using it to call 02 882 19 75 and following the instructions during the call. Companies are legally obliged to remove all telephone numbers included in this list from their contact lists.

Should you receive a call despite your registration on the Do Not Call Me List, you can file a complaint with the Economic Inspection of the FPS Economy. To do this, open the Consumer Connect platform, choose the Themes menu and click 'Advertising and Sales techniques — ‘Unsolicited Advertising’ — ‘Unsolicited Telephone Advertising’ ' — ‘Report an infringment’.

What should you do?

  • Report cases of phone stalking to the police and the Office of the Ombudsman for Telecommunications.
     
  • Also, register your telephone number on the Do Not Call Me list if you want to stop receiving unsolicited commercial calls.

Message fraud (phishing/smishing)

Criminals frequently use email (‘phishing’) or text messages (‘smishing’) to try and defraud people.

The end goal of these messages always consists in obtaining confidential data, such as your personal banking details, or to trick you into making a payment to a fraudster's account. During the phishing or smishing attempt, victims are often redirected to a counterfeit website, urged to click on a malicious link or persuaded to call a phone number that is owned or controlled by the fraudster.

For example:

  • Your holiday pay has been recalculated. Please confirm the amount you are entitled to using the link below."
  • BPOST: In order to receive your parcel, please pay the customs fee by means of the attached link."
  • Card Stop. A new device was registered to your online banking account. I you did not register the device, please call us immediately at XXX."
  • Potentially fraudulent transaction using your debit card 6703**** for the amount of 2,400 EUR. For immediate assistance, please call xxx."

Alternative methods: 

  • Help request fraud: in help request fraud cases, fraudsters contact their victims using email, text or app messages. They pretend to be one of their friends or loved ones and request urgent financial assistance. Should you receive a similar request, never transfer the money right away. First, always confirm the request is genuine by personally talking to the actual friend or family member. A good way to make certain you are talking to your actual friend or loved one, is by asking a question a fraudster normally should not be able to answer correctly.

For example: “Help, I lost my mobile phone and wallet. This is my new number. Could you transfer 250 euros to my account (xxxxxxxx)? I'll pay you back as quickly as I can!"

  • In some cases, you can be victim of identity fraud yourself, and one of your friends, loved ones or contacts will receive a text or app message by a criminal requesting urgent financial assistance. If you suspect you are a victim of identity fraud, always contact the police. 

What should you do?

Use the Police on Web platform to report it.

Safety precautions

Always keep in mind these rules of thumb to avoid falling into traps, regardless of the type:
 

  • Be wary anytime you receive an offer that seems too good to be true (such as bonuses, prizes, refunds, etc.).
  • Never provide personal information over the phone, especially when asked to perform an action that may have financial consequences. 
  • If a caller identifying as an employee of a bank, government agency, phone company, etc. asks you for that type of information, please hang up. Verify if the call was genuine by calling back, using a number you can trust.
  • Never give a stranger access to your PC or smartphone. Fraudsters may try and convince you to install a program on your PC or to download an app on your smartphone. This will give them control over your device and will allow them to change your passwords, for instance.
  • Beware of unknown or unusual phone numbers. Never call those numbers back and consider blocking them as well.
  • Fraudsters will often try to create a sense of urgency. If you are unsure, first talk to someone about what your best course of action would be. Never rush into things.
  • WhatsApp is a widely used communication channel for fraud. Be careful: profile pictures and names can easily be forged.
  • Refrain from posting accurate information about your identity on social networks.
  • Choose safe authentication methods whenever possible: use multi-factor authentication and identification apps such as Microsoft Authenticator or itsme. Choose strong passwords (at least 12 characters, in a combination of letters, numbers and symbols) that you change regularly. Use different passwords and codes for different applications and services.
  • Report suspicious practices. Consumerconnect.be can be used to report various types of fraud and scams. 
  • If you notice a suspicious message, please also report it to the Centre for Cybersecurity Belgium by forwarding the mail to suspicious@safeonweb.be and/or attaching a screenshot of the text message.
  • Do you often receive unwanted calls? Check whether your telephone number is published online via the Central Number Database (CNDB). If   your name, address and telephone number are public, you can have this information removed via your telecom operator's customer service department. This will make it a little more difficult for fraudsters to reach you!


If you fell into a fraudster’s trap, you need to act quickly:
 

  • When you passed on your banking details or when money is missing from your bank account, Contact Card Stop (www.cardstop.be or 078 170 170) and notify your bank (you can find your bank’s phone number on the Card Stop website). Do this as quickly as possible.
  • Keep all evidence of the fraud (messages, notifications, account statements, etc.).
  • If you lost money in another fraudulent way, always file a complaint with your local police.
  • If you installed a program on your smartphone or computer at the request of a scammer, please uninstall it as soon as possible and use an antivirus programme to make sure your device is safe again. 
  • Change any passwords fraudsters may have had access to.
  • Even if you did not lose any money, reporting fraudulent or suspicious practices to Consumerconnect.be, and suspicious addresses to suspicious@safeonweb.be is always a good idea. 

What does the BIPT do?

The BIPT manages all Belgian telephone numbers and monitors compliance with consumer legislation in the telecommunications domain.

In close cooperation with the telecommunications operators, the Institute continually endeavours to minimise the risk of fraud involving telephone numbers:
 

  • The BIPT plays an active role in the non-profit organisation “VZW voor Nummeroverdraagbaarheid in België”, which is responsible for managing number portability. In that capacity, it streamlines transfer processes for telephone numbers between telecommunications operators in order to minimise the risk of fraudulent SIM swaps.
  • The BIPT has issued operator guidelines setting out call resolution principles that should increase the reliability of Call Line Identification systems.
  • The BIPT provided technical input for a Royal Decree that stipulates operators should block international calls to Belgian numbers that falsely display a Belgian number, barring certain exceptions. The BIPT actively monitors this measure. It may, for example, withdraw or suspend an operator's right to invoke an exception if abuse or fraud is detected based on concrete evidence.
  • The BIPT continuously monitors the various fraud patterns. Together with the telecommunications operators, the Institute takes measures to limit fraud, including by blocking certain telephone numbers.

 

Back to top