EE points scam: fraudsters target customers again with fake competition texts

Scam text messages attempt to steal your data by directing you to a phishing website
Tali Ramsey

Sneaky scam messages targeting EE customers are re-circulating. 

We first reported on this scam last month when we came across at least 10 different versions of it, all of which tell you there are points in your account or you have a prize to claim.

Searches for this scam have spiked on Google, with an increase of searches for 'EE points program scam'.

Recipients of these texts should be wary, these scam texts lead to malicious sites that attempt to gather personal details and other data.

Read on to find out what these messages look like and how this scam works.

Sign up for scam alerts

Our emails will alert you to scams doing the rounds, and provide practical advice to keep you one step ahead of fraudsters.

Sign up for scam alerts
Sign up

EE points scam

A scam text impersonating EE
A scam text impersonating EE

In the example above, the text is sent from a random mobile number and tells you that ‘there are 5,340 points in your account that were not successfully used due to system failure’.

It goes on to say that these points will expire in ‘three working days’ and to ‘redeem your prizes in time’.

We shared examples of these texts with EE in March and it confirmed they were scams. 

It also explained that these texts weren't SMS messages, but Rich Communication Services (RCS) messages available on Android devices and powered by Google.

RCS is a type of modern messaging that uses mobile data or wi-fi and can provide a more secure platform for users with end-to-end encryption, but it is not impenetrable to scammers. 

EE told us last month that it had taken steps to block the malicious link from being opened on its network. The messages were also reported to Google in March.

We spoke to Google about the RCS messages in March and it told us that it is continuously improving its spam and abuse detection systems to help protect users. It also added that users can report a suspicious conversation as spam in Google Messages, which blocks the sender and moves the message to your "Spam & blocked" folder.

Malicious links

EE scam website

A scam site impersonating EE

1 / 4

  • A scam site impersonating EE
  • A scam site impersonating EE
  • A scam site impersonating EE
  • A scam site impersonating EE

A large collection of images displayed on this page are available at https://www.which.co.uk/news/article/ee-scam-texts-fraudsters-target-customers-with-fake-competition-texts-abnBW7i17lCn

We don't advise that you click on a link from a text message as malicious links can contain malware that will infect your device, but for the purposes of our investigation we investigated these malicious links.

One of the links we looked at took us to a website imitating EE, using copycat logos, links to the official EE social media pages and its other official business pages.

The site asks for your phone number before taking you to another page which provides instructions to ‘redeem your points’. 

You’re then given various products to choose from and asked for your home address for the product to be shipped to.

We found that these message all included shortened links to mask the dodgy URLs. 

The links we saw on these scam messages ended with either:

  • buzz
  • cutt.ly
  • rebrand.ly
  • tinyurl.com

Why are shortened URLs used by scammers?

Link shorteners are a free tool to simply make long website links shorter. These services are legitimate, but can be used by scammers.

This is because they mask the actual URL and appear as a shortened link in an attempt to make recipients less suspicious.

If you receive a TinyURL link, you can preview the full link before clicking on it by adding ‘preview’ before ‘.tinyurl’.

Cuttly also has a way of previewing links: by activating its Preview Mode, you can check the original URL before being redirected to it.

You can also check Cuttly links by putting an @ symbol at the end of the link. This will allow you to see the original URL before deciding whether you want to follow it.

We contacted Cuttly, Rebrandly and TinyURL and asked them about scammers using their tools to create malicious websites.

Cuttly told us that it has systems for monitoring and blocking links and that you can report suspicious Cuttly links using its online form.

TinyURL told us that links that violate its terms of use can be reported to abuse@tinyurl.com, so that its abuse team can remove them.

Four ways to spot a scam message

  1. It's from an unknown number - if it hasn't come from a recognised number, then be suspicious, but don't be fooled by messages that claim to be from brands, as scammers can mask their sender ID to appear more authentic.
  2. It asks for payments or personal details - scams mostly ask you to give away personal or financial information, so don't be tempted to hand this over.
  3. It contains spelling and grammatical errors - although scams are getting more sophisticated, poorly written messages are an obvious giveaway.
  4. It includes a link to follow - inspect the URL carefully to see if it matches that of the brand it claims to be from. As a rule, we advise that you don't click on links sent in text messages.

If you do receive a suspicious text that has alarmed you, don't reply to it. Instead, contact the organisation it claims to be from, or log in to your account with the company, to verify whether the text is genuine.

You can report scam messages by forwarding them to 7726. Malicious websites can be reported to the National Cyber Security Centre on its website.

If you're the victim of a scam, call your bank immediately using the number on the back of your bank card and report it to Action Fraud, or call the police on 101 if you’re in Scotland.

More on this

Related articles