April 10, 2017
Services that organize access to paid content using WAP-click are provided by many network providers. They actively use numerous partner programs that allow website owners to monetize mobile traffic. For example, MegaFon announced a new WAP-click technology in 2012. The provider marketed it as a service “that allows MegaFon subscribers to purchase audio, video and graphic files under a simplified procedure on websites belonging to the company’s partners and to use services that do not require loading”.
This technology is simple: a mobile web user is redirected to a webpage containing a message advising them that they must pay to access the requested content. The webpage is equipped with a button that subscribes the user to the paid service when they click on it.
Soon this service became a matter of discussion both among users and on the pages of online media: in particular, WAP-click has been mentioned by VC.RU, Apple Insider and many others. One of the users even prepared a petition, demanding that network providers ensure that paid subscriptions are confirmed via SMS.
And, the subscription is available for all of the users in the mobile provider’s network. Owners of USB modems have also fallen victim to unauthorized subscriptions and search for solutions to this problem on their own: some of the solutions are described in detail on such websites as http://vsyako.blogspot.ru/2014/06/podpiski.html and https://антиподписки.рф. For Windows users, one of the suggested methods of combating paid subscriptions is by making the corresponding changes in the hosts file. Initially the recommendations suggested limiting access to wap.megafonpro.ru, the website through which subscriptions are processed. Perhaps, this method was effective for a while, but later it was discovered that MegaFon owns a number of other domains with the same functionality:
|18.104.22.168||moy-m-portal.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-04-07T15:00:38Z|
|22.214.171.124||propodpiski.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-05-10T11:39:21Z|
|126.96.36.199||mfprovas.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-05-10T11:39:22Z|
|188.8.131.52||vasmfpro.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-05-10T11:39:22Z|
|184.108.40.206||propodpiskimf.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-05-10T11:39:23Z|
|220.127.116.11||promfvas.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-05-10T11:39:23Z|
|18.104.22.168||vasmpro.ru||ns1.misp.ru||North-West Branch of PJSC "MegaFon"||2016-05-10T11:39:24Z|
Let’s review a real example of WAP-click technology at work. Doctor Web specialists conducted an experiment that reflects their experience using MegaFon’s mobile Internet. Let’s assume that on the eve of the summer growing season a user intends to plant onions in their vegetable garden. Naturally, the best way to do this is according to the instructions our gardener found via a Google search. The search request “how and when to plant onions” pulled up a link that seemed to meet the user’s needs.
A special script is embedded in the HTML code of the website the link leads to. This script identifies the user’s network provider. In our example, all the following actions are performed only for MegaFon subscribers.
When attempting to go to this web resource, a chain of automatic redirections is executed. It consists of at least 5-7 intermediates. This chain ends on an online subscription site belonging to MegaFon, according to data provided by WHOIS.
Information on the subscription service page clearly warns that the user must pay 30 rubles per day to access the website they need. The payment to view the web resource is explained by the presence of “articles and news intended for personal use”. However, in some cases, for example, on devices with high-screen resolution (a tablet or computer with a connected USB modem), this important warning becomes less noticeable. The visitor may simply miss this text in small print.
Even if the user agrees to the proposed terms and conditions, they will not see information on onions anyway. After clicking the subscription button, they will be redirected to infonews24.ru via another chain of redirections. This web resource belongs to LLC Informpartnyor (http://informpartner.com). The user will then receive an SMS notifying them that they subscribed to the paid service successfully. It’s worth noting as an aside that owners of USB modems that don’t support SMS notifications will not get a message telling them they have successfully signed up for a service—they will only find out about it when they get the bill from their network provider.
From the moment the subscription button is clicked, the user’s account is charged 30 rubles daily, even if they have not visited the paid website, used the Internet or even turned on the phone.
It is not that easy to unsubscribe from paid access to web resources. For several days, our specialists sent USSD requests from a mobile device in order to determine the presence of paid content services. However, the SMS replies from MegaFon stated that the given subscriber number had no active subscriptions.
We have observed the exact same result in the “Dashboard” of a MegaFon user, regardless of whether we logged in with a mobile device or via a desktop, and on the special website http://podpiski.megafon.ru: no mention was made about paid access to web resources. In our case, subscription information appeared in the “Dashboard” only several days later. In the interim period, the subscription fee was charged daily.
MegaFon itself offers its users a special content account designed specifically for the debiting of subscription payments. This account eliminates any chance of spending money from the user’s main account. To get this free service, users must contact the technical support service or visit the provider’s office.
There is also an alternative method of avoiding WAP-click subscriptions—MegaFon suggests sending the special request “УСТЗАПРЕТ1” (“USTZAPRET1”) to its service number. However, it should be noted that this ban on subscriptions is valid only for 90 days, after which a MegaFon user can once again accidentally subscribe to some paid service.
If you notice that funds are regularly being debited from your mobile account, you should absolutely check whether you are being charged for any paid subscriptions. It is also recommended that you connect a content account in order to keep the funds in your main account with the mobile network provider secure. Doctor Web advises you to be alert when using mobile Internet, and in case you discover you have accidentally subscribed to some paid services, it is recommended that you cancel them as soon as possible—on your own or by contacting your network provider’s support service.
Tell us what you think
You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.