Steve Pardoe's Cellnet Correspondence Page (1 of 3)

This edition 25. June 2002
Click here to read the latest messages

Cellnet Index page

Logotype of Telecom Securicor Cellular Radio Limited
used here for the purposes of illustration and fair comment only


BT Cellnet are taking money from the credit card accounts of thousands of innocent people...   ...even though they haven't got a Cellnet phone!

This page carries recent correspondence and commentary regarding the Cellnet Fraud scandal.

With such a lot of recent e-mails, the previous page was getting unwieldy again, so we have split off the correspondence from before 1. June 2001 into a second page, and that before 1. January 2001 is now in a third page.

We are also getting a lot of e-mail from people with other gripes about BT Cellnet, such as slow top-ups and withdrawal of services, but, though serious enough, these aren't the subject of this campaign.

Remember, for us to receive these messages, each of the writers must have ...
... had an Internet connection, and ...
... been Cellnet fraud victims (in most cases), and ...
... seen a media article, or used a search engine, and ...
... found our website reference, and ...
... taken the trouble to visit our web site, read the content, and ...
... picked up the e-mail address, and sat down to compose a message.

Since we've had scores of messages, more than 20 already in 2001, it follows that there must be several orders of magnitude more victims out there, probably many thousands of them, who haven't worked through all those steps and written to us.

There's a summary of TV, radio and press coverage at our media page.

I'd like to thank all those who have taken the trouble to contact us, and especially those who've kindly agreed to pass on their experiences to the media to support the campaign. If this fraud has happened to you, please e-mail us at cellnet@pardoes.com with details.


14. June 2002 : AL writes:
I'm not convinced that BT Cellnet have improved their security, having been a victim of this fraud within the last couple of weeks. I am fortunate though in the fact only 10 was taken from my switch card and my bank are responding quickly to cancel my card and replace my cash due to fraudulent use of the card.

13. May 2002 : PC writes:
Last week I noticed 4 of these 30 withdrawals on my bank statement. I immediately notified NatWest Bank who say this is very common and that they would recover the funds. The bank should be notifying me later in the day about the result. I will let you know.
Meanwhile I am totally astonished that Cellnet could allow this to happen as I used to have a pay as you go phone with Vodafone and you had to register in order to use this facility. I now have a contract phone with Vodafone so the bank are happy that it is not me doing this.
Will let you you know the result.

24. February 2002 : JP writes:
We can confirm that BT Cellnet now ask for information about the post code plus the security numbers on the strip at back of card.

This is a further and welcome confirmation that BT Cellnet are indeed belatedly improving their card top-up security. It is still open to abuse, but much improved, and it's a while since we've had a new case of fraud reported to us.

19. December 2001 : DMG writes:
I've just stumbled across your website and recognize the situation. My credit card was debited 30 sometime last summer (don't have the statement with me). The detail had SLOUGH in it and BTCellnet. I knew it wasn't my transaction, so I called my Visa account provider, NatWest, who refunded the amount with no further questions asked. I requested a new card after that. Now I know what had probably happened. It didn't occur to me to take it up with BTCellnet.

24. October 2001 : JS writes again (see 8. October):
Thanks for your help, I have written to my bank again and asked that they reconsider refunding my money and to investigate the matter (I also gave them your web site details as they were interested to have a look after my partner mentioned it in conversation), they have telephoned to say it has been referred to head office, but no response as yet.
Trading Standards (West Yorkshire) rang me and said that they think that my bank should pay, and that they did not think it would be fraud but a mistake, because a company like BT Cellnet would not be involved! I tried to explain the scale of the thing but to no avail. I asked if any investigation was being carried out into this by trading standards, but was told that it may be but they would not find out at local level, it would be kept a secret until investigations were complete.
I have had a response from BT Cellnet, as anticipated no help at all, I have attached both my E Mail and their response. Will let you know of any developments.

BT Cellnet's stock response was as follows:

"Unfortunately, there is very little that I can do for you. You will have to contact your bank and ask for an indemnity claim on the money. This means that they will claim it back form us, and return it to your account.
"If I can be of any further assistance please do not hesitate to contact me on 0161 705 5343 Ext 65618.

"Yours sincerely
Jo Wilman
BTCellnet Customer Service Email Team"

16. October 2001 : MR writes, from Bradford:
Having recently received my bank statement I was unsure of a 30 withdrawal from my switch card to BT Cellnet prepay, Slough. I couldn't figure out what it was for so I went on line to do a search and found your site. I realise I could have been a victim so I have contacted my bank to investigate and cancel my card. The big worry is how many times does this happen without people noticing?

Good question. Far too many, I fear, but it doesn't seem to bother Cellnet.

8. October 2001 : JS writes:
I recently discovered a debit from my bank account, too late, I'm afraid for my bank to refund. They say it was (just) more than 120 days ago and can take no action.

As I replied to JS, I'm amazed. I can't see any good reason for this refusal, and it might be worth your while persevering. The banks do have a "recourse" period of six months on cheques, but in clear cases of fraud like this I think there should be no time limit (except perhaps the six year statute of limitations). All the big banks are well aware of this problem.

JS wrote back :
It's the Nationwide (Building Society) and it was a delta card. I will write back to them to try and recoup my loss and will let you know the outcome. It's not just the money that I've lost, 30 is a small price compared to the stories of colleagues at work, but the fear of having my account emptied and not finding out about it until my genuine payments are bounced that is causing the most worry.
   From the story in my local paper, which I accessed via your website, Bradford appears to be a bit of a hotspot, but since I have no idea how the thief got hold of my details, I don't know how to avoid it happening again. Although petrol stations in the area seem to house most of the fraudsters, I have heard stories about Asda and Morrisons. Quite frankly I don't know who to trust.

The answer is, I'm afraid, that anyone who has had sight of your card can use the numbers to top up a Cellnet phone. Until recently you only needed a till copy of the receipt, which usually has the card number and expiry date, but now (I'm told) you also need the numbers printed on the signature strip, which don't appear on the receipt. However, it's not exactly rocket science to remember these until the customer is out of sight (or even write them down surreptitiously, as an apparent part of the transaction) and you've got all you need. Petrol stations are traditionally bad, as they often have staff working alone, and a lot of card purchases are made there.

Is there anything else I can do to stop this happening to others? Is the government doing anything? Should I contact my MP? it seems that plenty of his constituents are being made to suffer.

I think that might be a good starting point. You never know, she or he could even be a victim already, but not know how widespread the problem is. There was an Early Day Motion, which a Liberal Democrat MP, Paul Burstow, tabled in Parliament as long ago as July 1999, criticising Cellnet's lax security. You can see The Guardian web page here.

17. September 2001 : GS writes:
I just read the story on BT Cellnet on your website and I immediately identified with it because exactly the same thing happened to me. I have a BT Cellnet phone and I pay my BT Cellnet monthly bill by direct debit and recently I saw a bill on my statement for a BT Cellnet prepay card billed from Slough! I have never bought a BT Cellnet prepay voucher and I do not own a BT Cellnet prepay phone so obviously this bill was not made by me. So I called them and asked them to rectify this and they were very unhelpful. They totally denied any liability and told me to sort it out with my bank.
   Needless to say, I was very shocked by this approach because I have never experienced this nonchalance to such a grave issue. Obviously, since they did not take responsibility for it, I had to bear the cost for this spurious transaction and subsequently changed my credit card number to avoid this kind of occurrence happening in the future.
   It is a relief to see that your website is highlighting this problem for others to see so that they are on their guard against similar incidents happening to them. The awareness you are creating on this issue is invaluable to the general public. Thank you for putting in effort to resolve this problem

2. September 2001 : BD writes:
So much for the security systems being upgraded to prevent any more than one switch transaction a month through BT Cellnet. I had two transactions of 30 [to BT Cellnet Pre Pay Slough] from my account last month (August 10th and August 28th) and an earlier one on 25th July. My bank (NatWest) pretty much immediately refunded the 90 which was a relief. I have cancelled my card, although I'm worried about how much this is going to protect my account as someone stated previously Cellnet have accepted cards previously used where the issue number and expiry dates don't match.
   The bank have ordered ledgers from when the card was first issued and I am going to go in to look through these sometime next week to see if BT have taken any more off me. I find it absolutely ridiculous that that unregistered phones can be authorised to use debit and credit cards. It would be quite simple to change the automated service to involve a PIN number you have to type in when making a card purchase, and to acquire the PIN it would have to be sent to the credit/debit card address that is registered with your card.
   I haven't tried contacting BT Cellnet as my bank gave me the money back within hours and said because it was such a common fraud that they would get the money off BT Cellnet very easily.

30. August 2001 : JR writes:
I've only just come across your site, but I found two unexpected Switch debits of 30 each from my bank account last year (at the time I didn't even own a mobile phone).
   I immediately called to cancel my Switch card, and was told by the customer service operator that I had failed the bank's security check because I couldn't remember which of several possible passwords pertained to the account... (even though I could give other details). Fortunately she allowed me to cancel the card nonetheless. The bank initially warned me the routine fraud investigation would take several months to complete, but then called a few days later to say (and I quote), "Normally we investigate frauds, but this has happened so often with Cellnet that we are going to refund your money immediately."
   We chatted about the fact that it was harder to get through security to cancel the card than to take money out on it, she agreed wholeheartedly. I am shocked to find that, nearly a year later, this is still happening. There are well established ways of making moderately secure 'owner not present' transactions; why on earth is Cellnet not using them? How can this be legal?
   Good luck in nailing them!

PS to my immediately preceeding email - I didn't mention that the Switch card on which the fraud was perpetrated was in my possession throughout. I now zealously guard my till receipts!

As I replied to JR, sadly, that won't help much, since the same (in some cases even more) data are printed on the shop copy of the receipt, and this is the source of most of these frauds. The shop assistant has a till-full of all the details needed, to read and key in at leisure, however careful you are with your copy. It's particularly disgusting that BT Cellnet try to put the blame on the "careless" shopper, and not on their own insecure system or their dishonest customers. That attitude is what really got me going in this campaign.

The new three-digit security number (by the signature strip) is supposed to get round this, but it's not exactly rocket science for the shop assistant to make a surreptitious note of it.

21. August 2001 : MW writes:
I have just recently found your website and I am astonished that this is such a big problem.
Yes I can confirm that the fraud is still going on. I was stung for 30 from my Halifax Bank Account on the 25th July 2001. BT Cellnet - Slough (Less than one month ago).
   You have my full support in all you are doing. Although from your other correspondents emails I can see that no one ever seems to get any sensible and coherent advice from BT Cellnet we must keep alerting them every time it happens otherwise they will believe that they are beating this fraud, which they are most definitely not.
   I have copied this email to their customer services - COME ON BT CELLNET, GET YOUR FINGERS OUT AND DO SOMETHING!

MW wrote again later the same day :
I have just read some more of your web site and found that you had no response from Northwich police. I myself on the instruction of Halifax Bank went to Northwich police station and was given very short response in a similar vein to you. Nothing to do with us as technically no crime has been committed.

You can read my own experiences with the Police here.

20. August 2001 : MS writes a very detailed message:
Thanks for going to the trouble of putting such an excellent web-page together. It has given me some comfort and satisfaction over the past week to know that others have the same problem as I have had.
   About 8 weeks ago, Orange Prepay rang me to say that someone had tried to top up an orange phone using my Switch numbers. I was very impressed with the care and attention with which Orange dealt with me. They went to the trouble to advise me to change the card and warned me that although Orange had caught this person out, others ("BT Cellnet for example, are not as security conscious") would not.

This is quite correct, and the present case is a perfect example. Fraud on the Orange network is extremely rare (at least as far as our correspondents have reported) and this is precisely because Orange have human intervention in the top-up process. Cellnet could adopt such a system, but they've refused to do so (in spite of criticism from APACS and the banks) on commercial grounds. They prefer to gain market share, at the expense of their more scrupulous competitors, and of course at the expense of their fraud victims, by making the top-up process as easy as possible for them and their customers.

I immediately contacted my bank (Halifax) who reluctantly changed my card. They said this type of fraud was common but would probably only happen to me once. They promised to reimburse me should anything happen further. My card issue number changed and the security numbers on the back changed.
   However, on August 1st - some 8 weeks later - I noticed that 30 had been debited from my account and paid to BTCellnet top up, Slough. I rang them and they were quite uninterested as I was not a customer of theirs! They refused even to take my name and address! The Halifax reluctantly closed the account ("it is expensive to change account") and so at the moment I am without a usable bank account.
   What really alarms me is that BTCellnet top-up staff tell me that once a card is registered with them, they will continue to take money from it, even if (as in my case) the issue number, date of expiry and security numbers on the back have changed.
I emailed BTCellnet last night and have received a stock reply today in which they say that their security is adequate and that they do ask for issue number, expiry date and security numbers on the back! What's the point if they don't check them!

BT Cellnet's inconsistency in their answers is infuriating, and clear evidence that they are not always telling the truth.

I will get my money back but via the Halifax and via a lot of hassle! I suggested to BTCellnet that I want the stolen money back from THEM but they said that was impossible.
Of course it's not impossible! It's perfectly feasible, since if Cellnet can take your money from your account, they can just as easily refund it. This is, after all, what happens if you return goods to a shop, and get a refund on your credit card. BT Cellnet deny it, because they don't want the hassle or involvement, and, perhaps, because they think it's clever to pass the responsibility back to the banks.

I suppose people in similar circumstances could consider deducting amounts from their BT home bills as compensation! This would eventually bring the matter to the attention of the public and perhaps the courts!
   I note with incredulity that most shops still print the switch details on receipts and their own copies for all to see. (BTCellnet said the thief could work in the Halifax!). Some receipts now have 4 digits blanked out (What a good idea!!).

As I replied to MS, we've had previous correspondence about this. Iceland (the frozen food people) were among the first to introduce this security measure. I gather that it's still a requirement for the shop copy to carry all the details in case of loss, corruption etc of the electronic data, and to resolve customer disputes. After all, the shop legitimately needs a means of proving that the customer made the transaction. Otherwise, we could all go round denying it, and demand refunds from our card issuers, and the shop would have a hard time substantiating the debt. It follows that the shop assistant still has access to all the information needed to carry out the scam (and even if a note needs to be made of the 3-digit security number on the stripe side of the card, it's hardly rocket science). I've been told repeatedly that the vast majority of such fraud is by shop (and especially petrol station) staff.

I also note that Marks and Spencer kindly have a waste paper bin for discarded receipts at the end of every checkout for you to put your prized bank details in. Potential top-up thieves can then take a handful!
However, I believe M&S are also deleting the numbers now.

I see you have updated your web pages. I'll go back to them and have another look. Again, thanks for all your hard work. It seems things are improving slowly but the problem remains!

16. August 2001 : IS writes:
I'm pleased to see someone takes this fraud seriously, obviously BT don't !!
   I'm not a great checker of my bank statements but last month (July) I did, to find a debit of 30 to BT Cellnet Prepaid. Fortunately my building society (Nationwide) reimbursed me the 30, cancelled my card, re-issued me another and are investigating the crime further.
   The more people are made aware of this scam the better -- keep up your good work.

On 14. August 2001, JP copied us with her complaint to BT Cellnet about top-ups : "As a BT Cellnet user for my personal mobile I am absolutely disgusted with your customer services and indeed your service for topping up a pay as you go mobile telephone".
There was a lot more in the same vein, but it's not really the subject of our campaign. Ironically, it's Cellnet's rather primitive attempt to improve the security of their automated procedures which has led to the restriction on card use which is causing such problems for JP.

On 10. August 2001 we had an e-mail from FW, who "spent April and May in England this year and since returning to Canada have been debited by Orange Just Talk for seven charges of fifty pounds each on my Royal Bank of Canada Visa card. I found your web page by searching for O.J.T. on the internet and would like to compliment you for the work you are doing".
Not Cellnet, for once, but Orange, who've generally had a good reputation as far as fraud is concerned. Perhaps this is something for them to watch.

8. August 2001 : PL writes:
My wife and I are also unhappy victims of this fraud. We were checking through our most recent bank statement and found a 30 card charge to BT Cellnet Prepay (neither of us have Cellnet phones). Checking back we found a 20 charge to One2One. We contacted our bank who have advised us to contact their Fraud Branch first thing tomorrow morning.
   Thanks to your site we hope we can nip this in the bud before it goes any further.

PL received a stock e-mail reply from BT Cellnet Customer Service a couple of days later, which included the ridiculous assertion that "the only party suffering monetary loss is BT Cellnet, but we will have no other liability to you, for inconvenience or otherwise". Well, that's plainly untrue, like so much we hear from BT Cellnet. If the victim has to write even one letter, or make a phone call, to alert their card issuer and get a refund, some monetary loss will be suffered by the victim; and, as has been pointed out many times (and Cellnet admit in their statement) Cellnet won't compensate victims for that, nor for bank charges and other costs which are sometimes the result of Cellnet's unauthorised debits from victims' accounts.

BT Cellnet's statement goes on: "Once the process has been completed, BT Cellnet will trace the number of the mobile that received the unauthorised credit, and place a bar on it. The bar will render the phone useless, and will not be removed. I hope this is of some consolation to you in the circumstances".

Well, I wonder. Our thanks to PL for passing this on.

8. August 2001 : Here's a long message from a bank employee, who works in their credit card fraud department and is in a position to know about this scandal:
May I say how interesting it was to read your website re Cellnet mobile phone fraud. I work for one of the main large banks in the credit card fraud department (please do not print my name anywhere, in case of problems!!) and I wholeheartedly agree with your views. I spend hours dealing and investigating with mail order fraud on 121, Cellnet, Vodafone, Orange and more recently, Virgin and I am also very tired of it going on and on and on. Admittedly the problem is not quite as extensive as it was say 1 year ago, namely for the fact these companies only now let a mobile phone to be topped up with a credit card once a month, instead of every day, as was the case . BT did promise the banks that they would sort this fraud out by the year 2000 as it was highlighted by the banks as a major problem in 1999. They advised it would be too expensive to change their system in 1999 as they were bringing in a new system 01/01/01, hence the blocking of once a month, which is highly inadequate and still is.
   My gripe is the flack and the abuse I have to suffer from our customers, the victims, who I can understand are upset but because they do not understand the system, they attack their own banks, saying we authorised the charge, we let the charge go through and why didn't we notice the charge. Unfortunately, our credit card holders do not realise it is not the bank's fault at all and we can't monitor 6 million cardholders accounts personally for transactions, although, through better detecting in our own bank's system, we have alerts in place which pick up the first authorisation as it goes through and we contact the genuine cardholder to do a security check. However, this still does not stop the initial fraud and also the inconvenience of stopping the account at the customers and the bank's expenses. Personally if the mobile phone companies will not improve their security, I would at least like to see them liable for the charge of stopping every credit card account and resending another card on a new account. They are already liable for every fraud charge that goes through as the banks ensure the charges are returned but alas to no avail, they still do not seem to want to protect their own losses too!
[...]
   Anyway, I hope this may hold some interest to you but obviously I have to be cautious in view of the fact I work for 'the other side' in a sense!!
   Thank you and good luck with your campaign.

PS, I have been reading some of the letters from victims, and comments saying there hasn't been too much fraud with 121, can I add that fraud with 121 is rife!! and possibly on a slightly larger scale than BT Cellnet. Orange is the best (if any fraud, just a one off fraud charge), Vodafone seems to have died down a bit but the new contender lately seems to be Virgin.

Our campaign refers specifically to BT Cellnet fraud, since it was Cellnet who ripped me off (four times), and so it tends to be Cellnet victims who find our website and write in. We recognize that the other networks, apart from Orange, cause their own share of trouble. Only Orange seem to have a responsible attitude to third party security. Cellnet could adopt a similar strategy, but instead they put market share ahead of morality. How ironic, then, that they have now been overtaken by Orange!

7. August 2001 : RW writes:
I too have had money taken from my account by BT Cellnet on the 9/7/01. I have informed my bank and the police.

31. July 2001 : AG writes:
Just a quick message having seen your site on the internet - I'm on holiday in Vietnam and have just noticed 2 unauthorised transactions on my Barclays current account - both debit card transactions (30 and 20 pounds) to Cellnet and One to One. I'm going to report this to my card services company but would be interested to hear from you.

It's a pity when someone's holiday is spoiled by BT Cellnet's callous and cynical refusal to address their deliberate fraud problem, which they have allowed to proceed unchecked for two and a half years.

23. July 2001 : DS writes:
Sadly - this card fraud is not a thing of the past - I visited Strathclyde Police today in Giffnock, Glasgow and they gave me your web address to add my comments to.
   I have just had a 30 deduction from my debit card for a BT Cellnet Prepay card - which I don't own. I found the most frustrating thing is when you try to talk to someone - all the BT Cellnet numbers are automated and ask for your mobile number. If you don't have a number - which in the case of this fraud is the case - it is very difficult to find a 'live person' to speak to. When I did - there was no surprise from the operator - he immediately, without prompting, asked if it was a pre-pay and for 30.
   I don't yet know how my number was found - be it a receipt found or if someone just struck lucky with my number - but we'll soon find out if it continues.
   At the same time - almost everyone I spoke to had heard of this fraud, if not actually experienced it first hand. I will keep an eye on your page with interest.

It's interesting that Strathclyde Police are already familiar enough with this problem to refer victims to our website; and, of course BT Cellnet are now well versed in how to deal with complaints.

18. July 2001 : HZ writes:
I have noticed from my credit card statement that my account have been deducted 20.00 on 16th July 2001 by BT CELLNET PREPAY SLOUGH. By visiting your website, I believed that this fraud has happened to me. Since it is the first time I get to know this kind of thing and I am a student from China, I don't what I can do about it. And I don't know how can I get the money back from my credit card company. Could you give me a reply at your earliest convenience and advise me what can I do? I shall appreciate your kind help.
I support your campaign!

HZ wrote again:
Thank you very much for your email and kind advice.
With the help of your website, I've already claimed the money back from my credit card company and received my replaced card. I shall try to complain to BTCellnet even it is useless.

4. June 2001 : BH writes again (See 13. May):
Its happening again!
Two false ones today - Cellnet and One2One.

He's not happy, and has again written to BT Cellnet Customer Service <CustomerService@btcellnet.net>:
"I am afraid that your response does not reassure me. I have now had a further fraudulent transaction made to BTCellnet Prepay which means that for the second time in six months I have the hassle of having my card account cut off until a new card can be issued.
   "I don't believe that your company is taking this issue seriously enough. As far as I am concerned it makes me think that if this is the way you treat potential clients why would anyone want to have anything to do with any division of BT? I know I am not alone in this opinion - articles in the press and on the internet make it clear that this problem is widespread. Even my credit card company as soon as they saw this fraudulent transaction and another from one of your competitors said 'Ah yes we have a problem with those two firms'."

Quite. Richard Tyson-Davis, of the Association for Payment Clearing Services, which looks after the automated transfer of funds on behalf of the big banks, identified BT Cellnet as one of the most problematic networks, and has previously stated that their system is "unacceptable" and "an encouragement to fraud".

2. June 2001 : GP writes:
By chance I looked at my bank account this morning, and found a 30 debit to BT CELLNET PREPAY SLOUGH dated yesterday (June 1st), using my Debit Card number. This was immediately identifiable as fraudulent, since I don't own a Cellnet mobile.
   Quick search of the internet for a number to report this to BT Cellnet turned up your page, and the extent of the problem! Informed my bank LloydsTSB (they are well aware of the problem, and will recredit my account). They will also issue new cards, and stop the current ones.
   Called the police at the local station - they are also well aware of the problem, and are sending an officer to take a statement.
[...]
   The modus operandi in this case was that an employee (now an ex-employee) at a local garage noted my number when I bought petrol, and passed it on to a third party who actually used it. More details as I find them out.
   Reports in the local newspaper suggest that this is quite extensive - another individual has just received a 15 month sentence for his involvement in the same scam.

You can read about the newspaper article, and find a link to their website, on our media page.

But, of course, when I tried to report the fraud to BT Cellnet, their offices were closed - will try again on Monday when they re-open, though have little hope of any action on their part, given their inaction over 2 years.
Keep up the good work.


Return to top of this page or continue to earlier correspondence (page 2 of 3)

Website
©
Cellnet Home page E-mail to us if you have something to say about this!
[Cellnet fraud index page] [Site directory] [Home page] [E-mail us]