"The xx product you purchased is not qualified for quality inspection, and you are ready to apply for a refund..."
"Your courier is lost, you can pay the full amount of the claim..."
Have you received a similar text message recently? After the online shopping carnival, you who have just been freed from the "marketing SMS bombardment" may be targeted by scammers again.
During this year's "Double Eleven" period, the Aoyi measurement team found through the monitoring and investigation of the consumer environment that in addition to the chaos such as "price chain set" and "live pre-sale pit people", various marketing and fraudulent TEXT messages also took the opportunity to target consumers.
Before the "Double Eleven" festival, the crazy marketing text messages were annoying; after the "Double Eleven" festival, scams that used online shopping and refund information to set "traps" occurred frequently. All kinds of marketing and scam text messages are derived from personal information leakage.
"Can't refuse" marketing text messages
On Double Eleven this year, Miss Fang (pseudonym) received a total of 27 marketing text messages, but when browsing, she found a strange thing: a Taobao store called "Zhou Black Duck Food Flagship Store" sent herself a Double Eleven marketing text message, but "I have never purchased any goods on it, nor have I subscribed to the store." Mr. Ye (pseudonym), who received 68 marketing text messages during the Double Eleven period this year, also told reporters that he encountered the same situation, and of the 68 text messages, 5 came from businesses that he had never consumed.
When do I usually receive marketing sms from merchants? The reporter asked the platform customer service, Taobao and Pinduoduo customer service responded that "after buying products or subscribing / following the store, you may receive marketing SMS", will the store that has not purchased or followed send marketing information? Taobao and Pinduoduo customer service did not respond positively; Jingdong customer service clearly stated: "After buying products, we will receive them."
The reporter checked the user service agreements of each e-commerce platform and found that when users registered for the e-commerce platform, marketing TEXT messages were quietly "bound" to users. Most platforms will display the relevant agreements and will send commercial information such as advertising promotions and promotional offers to users through SMS. Moreover, the relevant agreement mentions that if you do not agree to any of the terms, you cannot complete the registration process.
The membership rules of "Zhou Black Duck Food Flagship Store" show that the opening of members requires authorization to agree to receive store information.
The customer service mentioned that "subscription/concern stores may also receive marketing SMS" is because the relevant privacy agreement of store member registration will "know and agree" that the user will send store marketing information through channels such as SMS, as a precondition for users to open membership and enjoy services, and this condition cannot be skipped and cannot be selected "no".
Is this act reasonable? Gao Yandong, a public policy researcher in Zhejiang Province, told reporters that the act violated the user's right to privacy and right to know to a certain extent. Article 23 of the Personal Information Protection Law stipulates that where a personal information processor provides other personal information processors with the personal information they process, it shall inform the individual of the recipient's name or name, contact information, purpose of processing, method of processing, and type of personal information, and obtain the consent of the individual. Therefore, "where personal information is processed based on an individual's consent, that consent should be made voluntarily and explicitly by the individual under the premise of full knowledge, rather than a general consent." ”
How is personal information leaked?
Why do "unspentified, unsubscribed stores" also send ads? Some insiders told reporters that in addition to the imperfect agreements related to the platform and merchants, it may also be due to the leakage of personal information. Fu Liang, an independent telecom analyst, pointed out in an interview with Aoyi News reporter before: "Because of social and other needs, personal phone numbers have become semi-public information, which may be obtained by merchants from some public channels, and once personal information is illegally used by criminals, it will produce harassment and even fraud." ”
In fact, every year "Double Eleven", there will be many cases of telecommunications fraud. The reporter learned from the Guangzhou Anti-Fraud Center that during this year's "Double Eleven" period, impersonation customer service fraud is more common, and it has three branches: impersonating express customer service, impersonating online shopping customer service refund and compensation, and impersonating online shopping customer service cancellation fraud.
According to the "Ping An Guangzhou" news, Ms. Lin of Guangzhou received a call from the "online shopping platform customer service", and the other party said that the quality of the products ms. Lin bought on the online shopping platform was problematic, and she could now apply for a refund claim, but she needed to cooperate with it. Ms. Lin was credulous, so she added the other party's QQ, and the other party let Ms. Lin receive 300 yuan in the reserve fund of Alipay, and she must not be able to receive more. Ms. Lin opened Alipay's reserve fund according to the other party's guidance and found that there was 500 yuan, and the other party said that she maliciously received 200 yuan more and needed to return it. Subsequently, the criminals also claimed that Ms. Lin had timed out due to malicious collection, and asked her to turn on the screen sharing function to verify that it was not malicious collection. Next, "customer service" sent a refund link for Ms. Lin to fill in the bank card, ID card, password, verification code and other information to handle the refund procedures, Ms. Lin operated according to the guidance of the other party, and soon found that more than 20,000 yuan on the bank card was transferred, with a total loss of more than 20,000 yuan.
Coincidentally, Chen Yanfei, a police officer of the intelligence brigade of the Guangzhou Nansha Public Security Investigation Department, also received a call from the "customer service" of the online shopping platform during the Double Eleven period, and the other party said that her courier was lost and wanted to compensate her. "In fact, at work, I will also be exposed to the scammer posing as a customer service to refund the money, but I did lose a courier..." At this time, the scammer contacted Chen Yanfei in the name of customer service, reducing her vigilance. This shows that my personal information was leaked in the logistics process. ”
After that, the fake customer service guided Chen Yanfei to carry out "refund operations" and tried to defraud Chen Yanfei's property through adding groups, disguised loans, transfers and other routines. Chen Yanfei's six-year work acumen as a police officer alerted Chen Yanfei at this point, and she realized that this was a typical scam of impersonating customer service for refunds, and immediately stopped the operation.
Increase the cost of violating the law and block the source of information leakage
It's either marketing or scams! In response to the chaos of the marketing SMS of the e-commerce promotion and shopping festival, the relevant departments have repeatedly intervened to rectify it. In 2021, the Ministry of Industry and Information Technology held an administrative guidance meeting on SMS marketing behavior on the eve of the "618 and Double Eleven" shopping festivals to regulate the behavior of e-commerce companies sending marketing SMS. The administrative guidance meeting on the eve of this year's "Double Eleven" clearly requires e-commerce platforms to self-examine and self-correct, and not to send marketing sms without consent.
E-commerce platforms have also launched services to help users block marketing SMS. Taobao Tmall customer service said that just fill in the service form, provide the correct mobile phone number to unsubscribe from marketing SMS and phone; Jingdong customer service said it can help intercept marketing SMS from Jingdong's self-operated stores; Pinduoduo customer service said that just provide mobile phone number to choose to turn off marketing or logistics SMS.
In response to the leakage of personal information behind it, the regulatory side has increased its rectification efforts. On September 1, 2021, the Data Security Law came into effect, and the Personal Information Protection Law came into effect on November 1 this year. At the legal level, a "security lock" has been added to personal information.
Gao Yandong pointed out that in the Internet era, personal information is an important source of profitability for many units, and it is also a major source of personal information leakage, "can be collected, the more the merrier" is the design idea of most apps. In order to curb the leakage of citizens' personal information from the source, it is necessary to reduce the scope of personal information collection and strengthen the management responsibility of the collection unit. Enterprises should strictly abide by the "minimum enough" collection principle, and the regulatory level should pursue the "strictest responsibility" for violating units. Only by pursuing the principle of "the least collection and the strictest punishment" can we urge the collecting units to use personal information as both a profit channel and a source of risk, so that the digital economy can become a security industry that the people are satisfied with. The protection of personal information is not a one-day effort, and creating a good information security environment requires the joint efforts of all sectors of society.
Producer: Xie Yanxia
Planner: Xie Jiangtao Gao Chunming
Coordinator: Guan Yuhui
Written by: Zhang Jieying
![The police smashed 21 malicious harassment platforms such as "Thunder" and "Mad Dog SMS"[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)