Skip to content

No, this isn’t quite what is being said

Ban text scammers from buying Sim cards without ID, says policing chief

What is actually being said is that no one should be allowed to buy a phone without ID because some of them will be scammers:

High street stores must be barred from allowing text scammers to buy phones and Sim cards without proof of ID, says the new police watchdog.

In an interview with The Telegraph, Andy Cooke, the new HM Chief Inspector of Constabulary, said the failure to crack down on “burner” phones and Sim cards that can be freely bought on the high street without ID was fuelling “serious criminality”.

He said the registration of a person’s ID for any purchase of a mobile phone or Sim card should be a legal requirement to help police curb the surge in fraud and combat county lines drug gangs who use the phones to run their illegal businesses.

The correct response to which is “Fuck Off, Copper”

28 thoughts on “No, this isn’t quite what is being said”

  1. Many countries already demand ID when buying SIM cards. Whether it’s effective at cutting crime is not established.

  2. Not to mention being racist, since as we are told by the left, ethnic minorities are too stupid to have any form of ID.

  3. I’d like to find whoever came up with the term “county lines drug gangs” and kick them in the throat.

  4. Of course a fraudster couldn’t possibly get hold of a fake ID…?

    Seriously though, I can’t imagine most fraud is carried out from a phone bought in the high street… Wouldn’t be a call centre in Mumbai – probably fully automated…?

  5. @Andrew M
    It isn’t. You can tell this because if it was, or even if there was the most tangential correlation in favour, it would be being shouted about. The silence is deafening…

  6. The idea that mobiles “fuel crime” is ridiculous. Assist crime maybe, just as cars can assist crimes, but “fuel” is a usage that should be criticised and ridiculed any time it’s used.

  7. The job of the Inspector of Constabulary is “to assess and report on the efficiency and effectiveness of police forces in England and Wales” not to make up new laws. We’ve got more than enough politicians sticking their noses in already.

  8. Oh, come on, it’s easy to see how registration of guns has helped to ensure there’s absolutely no gun crime, after all, so why not SIM cards?

  9. In South Africa, you need ID and proof of address before buying a sim card. This has contributed to SA being one of the least criminal countries in the world.

  10. Back in the day when you had to provide an address to buy a TV, lots got registered to 10 Downing Street or Broadcasting House. Same sort of nonsense would happen if you instituted ID requirements for SIM card purchases.

    The guys in the shops would just take details out of the phone book or if copies of ID were required they would just photocopy the ones left by other customers.

    When I lived in Malaysia where ID was a requirement for getting a SIM, you’d periodically find a new PAYG SIM added to your account paid for by cash. It didn’t cost anything since it was all cash paid up front, but it clearly showed that the Celcom shop staff (who were paid peanuts) were incentivised to make sales rather than comply with the law and that’s what they did.

    Another aspect would be fraudsters buying SIM’s left-right-and-centre using fake or stolen ID and then reselling them for a markup on eBay or wherever.

    Stupid laws will always be ignored.

  11. SIM cards? Get in the real fucking world. Go to a free hotspot, connect to a VPN in a foreign country, and that’s about the end of the line.

    Even if you can get that person A connected with person B over secret chats on Telegram, all you know is that they talked. The message content is peer-to-peer encrypted, so Telegram can’t tell you the content, even if they wanted to. It might lead to more investigation work, but we’re really going to throw lots of coppers at a satchel of puff?

    The harder it is to do, the sooner we get it legalised. I started thinking of whether there could be a device that could destroy your weed at the push of a button. Coppers pull you over, you press a button and your little stash gets covered in something (acid, chemicals) that destroys the evidence. Couldn’t sell it, but I could put the designs on GitHub and let everyone build one…

  12. Speaking as an entrepreneur, all in favour. There’s a useful market in unattributable SIMs in countries require ID’s to purchase. Why deny the opportunity to make a living? It’s all about creating jobs we’re regularly told.

  13. This is bollocks.

    Firstly as noted elsewhere a person who wants a burner phone will simply get a fake ID or steal an ID or similar.

    Second the operators could, if they wished, identify text scammers trivially and block them. Now you might need a change in the law but identifying a scammer is dead easy because they send hundreds of (almost) identical messages within a short period of time (seconds or minutes usually) to hundreds of different numbers. This is entirely different behavior to that of regular users who send several different messages to a small handful of numbers. Note that the carriers can see the text messages (there’s no encryption) so they can easily see that the messages are (almost) the same

    Getting ID may help track drug mules and other low level criminals of one sort or another but it simply will not stop the more serious crooks (who will use fake IDs) or the text scammers (who will use fake IDs and have a very easily identifiable usage pattern).

  14. High street stores must be barred from allowing text scammers to buy phones and Sim cards without proof of ID, says the new police watchdog.
    I very much doubt there text scammers wearing their their thumbs to the bone texting scams on mobile phones. They’re generated by software & can be sent on landlines. The displayed sending number is a product of the ware. The message itself may come from anywhere in the world.

  15. High street stores must be barred from allowing text scammers to buy phones and Sim cards without proof of ID, says the new police watchdog.

    Maybe the Police should do the job that they are employed to do (like chasing scammers) instead of hunting down people who have been rude on Twatter? Passing the buck to High Street retailers for the police doing a shit job is just weak.

  16. As to both Spammers and Scammers (i.e. people using bulk SMS tools to send out vast quantities from a small number of phone numbers), isn’t that a matter of OFCOM kicking the phone companies arse into action? I can’t imagine that it’s that difficult technically to achieve. I’m presuming that the reason the mobile phone operators don’t do it off their own back is that it brings in revenue or boosts their subscriber numbers?

  17. @John Galt
    Not really, the issues arn’t technical. Interfering with, even inspecting, customer text payload is legally difficult, and no system is 100% perfect, so you’d reject some legit texts and have angry customers complaining in the Grauniad.

    But it’s futile: why play ‘Whack-a-mole’ with customers money?

    Mobile phones use an international signalling system called SS7. A text message is sent in a single packet over SS7 (technically, a MAP ForwardSM-MO).
    There is no authentication or security of any kind at all. The strong authentication of SIMs is bypassed in this case.

    Someone who wishes merely has to inject these messages with the payload of their choice, and the sender MSISDN of their choice. All the messages are sent and charged to the stated MSISDN. Yes, really.

    No mobile or SIM required, so no need to fake an ID even for the Stasi.

    Injecting an SS7 message needs either a compromised platform, or an insider, or you can rent such access openly. Plenty do, for this, and more nefarious porpoises.

    Somewhere on that beach, there’s a grain of sand that’s just the right dodgy shade of grey…

  18. @TtC
    I’d imagine that’s connected to there being a whole industry around generating legitimate spam advertising messages which are unblockable because the display number is variable.

  19. To reassure John Galt, sort of, the MNO do try and de-spam SMS, but it’s whack-a-mole, the spammers are very fast and good at gaming whatever filter criteria are deployed.

    Looking for lots of identical messages from a single sender?
    – vary the sender MSISDN
    – vary the wording.
    – use standard crypto techniques, like preamble and postamble, to move the spam contents around in the payload. (Look up Battle of Leyte Gulf and “The World Wondered” :))

    Billions of texts per day. Since most are inbundle, the revenue generated from legit texts is low, so this is a game you are doomed to lose.

    4G has better inter-network security, so maybe one day….if people are still using steampunk SMS by then.

  20. @BiS
    And like all wars, the players on both sides lose, but there’s good money to be made in supplying the arms. Ahem.

    NB on the same idea, there’s a lot of activity trying to block calls with fake CLI i.e. spoofed ‘calling’ number.
    Again doomed, and very damaging to legitimate users.

    CLI is as reliable as the company address on a letterhead: it’s whatever you want it to be.

    The only answer to these frauds is for people to stop being taken in by them, hence the monetisation will vanish. But never bet against the stupidity of the public.

  21. @TtC
    Technical question, just out of personal interest.
    I sometimes have incoming calls display a number with about twice the digits of our country mobile system. Don’t seem to relate at all to our system having a 6 or 7 prefix. A hitch in the false number generation?

  22. @BiS
    S[cp]ammers not caring. They probably just have a list of numbers that they send to and don’t know/care what country the targets are in, or what that country’s numbering scheme is. Much like phishing emails almost always having glaring spelling and/or grammar errors.

  23. “CLI is as reliable as the company address on a letterhead: it’s whatever you want it to be”

    I used to get (and still do) frequent phishing calls on my landline. At one time they were invariably “International” or obviously bogus numbers, but more recently they’ve become genuine looking UK numbers. This may be because so many people like me have got Call Blockers, and they hope that a cosha number might encourage people to answer. Whether the scammers have access to UK carriers “Dead” numbers lists, or they simply don’t care, I don’t know. After all, cloning genuine vehicle registrations is common enough, when avoiding fines etc…

  24. @BiS
    Probably just careless scammers, not trying to hard to make the CLI look plausible.
    But it’s just possible it’s a badly configured PABX: these still exist and are supposed to append a publicly dialable CLI on outgoing calls: either of reception, or for the originating extension. But lots of scope to set up wrongly.
    There are various protocols for interconnect, and both the formats, and the number of CLI fields, vary across them.
    To add to the fun, telephone numbers come in different types (National, International, Network) and sometimes systems attempt to convert one to t’other. Lots of scope for weirdness. +4444…. and +440044…. are ones I’ve seen

  25. And I should mention the obvious scam: using a premium-rate number as CLI, so if you ‘press 5 to return this call’ you end up being charged £20 or such.

    @Dave Ward
    Legitimate telemarketers and such used to use ‘number withheld’ (CLIR), but that was too obvious a filter. They are now obliged to provide a presentable number you can dial back to contact them.
    Those that are genuine of course: the scammers just invent UK numbers that look plausible, and may be/probably are, in use by a valid line.

    But to to return to the OP: this is trotting out the old “Papers Please” dream of the Mr. Hodges everywhere. And of course, you will need a national ID card to support this: a role already being drafted for internal passports and driving licences. Tried transferring a large sum of money recently?

  26. Tim: tried applying for a job nowadays? I had to have a video call and hold up my passport next to my face, and *also* take my passport into the office on my first day.

Leave a Reply

Your email address will not be published. Required fields are marked *