Phishing via scam messages is a criminal activity that aims to gather sensitive information, such as email logins, passwords, and payment card information. Sensitive information is usually stolen via instant messages, emails or malware.
All internet users are personally responsible for how they use and protect their connection. If you want a reliable data security assessment or if you have other questions for a data security expert, contact Elisa Omaguru. Click here!
Subjects of scam messages received by our customers
A message about updating browser-based email or webmail that asks the person to sign in on a scam site.
A message written in poor Finnish telling the recipient that their email account is going to be closed down and asks the recipient to confirm a request related to this.
A message claiming that the customer’s company has been sent an invoice to OmaElisa. The message asks the recipient to sign in to the Invoices section of OmaElisa via a link.
A message claiming that the recipient’s OmaElisa account will be closed because of an unpaid invoice. The message asks the recipient to open an attached file.
A service provider or any other trustworthy organisation will never ask you for your personal data (such as your email login or password) by email.
If you have received any messages like the ones described above, you should not answer them.
If messages of this sort have links or attachments, you should not open them. Instead, delete the message.
Let us know about phishing messages you receive by emailing us at abuse(at)elisa.fi NB! This email address is only for notifications of scam attempts.
The most common scam message features
The sender address attracts attention, containing, for example, webmaster@, admin@, system@, support@, or something similar that the recipient may connect with a reliable organisation.
The contents of the message seem important and the user is asked to take action, for example, by following a link. Generally the message asks for email logins or other personal details to identify users.
The message is written in poor Finnish and individual words in English may appear between sentences.
The message is signed with an important-sounding title instead of a name, such as Network Manager, System Admin, or System Supervisor.
Order and subscription traps or surveys
An "order trap" or "subscription trap” is a widespread online practice of misleading sales and marketing in which the entrapped person is given a false picture of what they are buying and committing to. Some subscription traps lure people into subscribing for something, while in other cases consumers are drawn in with a survey, customer research or prize draw.
Usually, the survey before the trap is done in the name of a well-known and trusted company. The survey has nothing to do with the company in question, however. The purpose of the survey is to get the customer to believe that the site is reliable. After the survey, the visitor is redirected to the subscription trap itself.
If you receive a survey or Facebook ad in Elisa’s name while browsing the web, where something is promised very cheap or free of charges, there is a high probability that it is a subscription trap. In a subscription trap, the client is promised a smartphone for €1, for example. The website asks for your credit card number, allegedly to charge you the price of €1. Normal Elisa orders or campaigns never work in this manner. It is easy for the terms and conditions of the scam to go unnoticed, and the visitor may notice that they have signed up for an expensive streaming service with monthly invoices and no way to break off the contract. The visitor never receives the smartphone originally used as a lure.
Fake invoices by text messages
The Finnish Communications Regulatory Authority (Viestintävirasto) has reported that it knows of fake invoice reminders sent to mobile phone operators’ customers in the operators’ names. You should not respond to these invoice reminders.
An example of a scam message:
“Remember to pay your invoice by 15 Feb., amount, reference number xxx5778 and account number FIxx xxxx xxxx xxxx xx”. The messages usually come in Finnish and the name of a mobile phone operator is displayed as the message sender. The date and amount vary by message.
How you should act:
If you have not paid the amount demanded, delete the message
If you have paid the fake invoice in error, contact the police at tietotekniikkarikokset.helsinki(at)poliisi.fi
More information on the subject can be found online:
Remember that one wave of data phishing, subscription traps and fake invoices always follows another. In these new messages, some small part or feature of the message may change. You should always be vigilant about messages that look even a little bit suspicious. It is always better to do some research into how reliable the message is than open it in haste or follow its instructions.
Haluatko säästää aikaa ja vaivaa?
Anna asiantuntijan hoitaa homma puolestasi.
Se on helppoa! Yksi soitto Elisan Omagurulle riittää. Olemme
arkisin klo 8 - 21 ja lauantaisin 9 - 17.