29 Jan 2024 09:40 AM
Have discovered that apple TV have posted a QR code on the screen and insist that I log in again.
Tried to log in with my mobile, scanned the QR and was asked to pay intially £1.00 to ensure that the CC would work. Followed the instruction but still no Apple TV. Gave up and decided to watch something else. In the meantime Apple had tried to charge my CC with a further £59.99 which as I had not approved the payment ( Had no idea the request had been made) my CC provider declined the payment and alerted me this AM. My question is. Is Apple TV part of SKY Q package or not? It would be great to know what has changed to my subscription to Sky Q.
29 Jan 2024 09:45 AM
@GerryBrown wrote:Have discovered that apple TV have posted a QR code on the screen and insist that I log in again.
Tried to log in with my mobile, scanned the QR and was asked to pay intially £1.00 to ensure that the CC would work. Followed the instruction but still no Apple TV. Gave up and decided to watch something else. In the meantime Apple had tried to charge my CC with a further £59.99 which as I had not approved the payment ( Had no idea the request had been made) my CC provider declined the payment and alerted me this AM. My question is. Is Apple TV part of SKY Q package or not? It would be great to know what has changed to my subscription to Sky Q.
Did you use a QR scanning app on your phone or just the standard camera app? There have been reports of some dodgy QR Code reading apps which direct users to spoof websites where credit cards details can be stolen.
25 Apr 2024 12:38 AM
We had exactly the same problem. We signed for Apple TV using the QR code supplied by Sky using a QR reading app.
After a few attempts we managed to register using an apple email and gave the debit card details. We received a confirmation of the Apple TV 3 month free trial from Apple and gained access to the station after about 20 minutes.
A few days later, we noticed £1 had been debited from our account the day after the Apple activation followed by £59.99 the following day . Both were debited under the description sprtybill.com.We queried this with the bank and they said it had been authorised and therefore would not offer a refund. We tried twice and only after exhaustive investigation realised the payments were linked to our Apple TV application.
A few days later there was another transaction for £24.99 under the description THRVMBILL.COM which the bank did refund and l cancelled my debit card. This latest transaction was clearly linked to the Apple TV application and we are now trying to get the money back from Sky or Apple TV as there is clearly a security failure in their QR code and or activation links which is very worrying and l wonder how secure other applications offered by Sky will be in the future as more and more apps become available.
@GerryBrown wrote:Have discovered that apple TV have posted a QR code on the screen and insist that I log in again.
Tried to log in with my mobile, scanned the QR and was asked to pay intially £1.00 to ensure that the CC would work. Followed the instruction but still no Apple TV. Gave up and decided to watch something else. In the meantime Apple had tried to charge my CC with a further £59.99 which as I had not approved the payment ( Had no idea the request had been made) my CC provider declined the payment and alerted me this AM. My question is. Is Apple TV part of SKY Q package or not? It would be great to know what has changed to my subscription to Sky Q.
25 Apr 2024 09:03 AM
Posted by a Superuser, not a Sky employee. Find out moreHi @Rachel+Pullen You should delete that dodgy QR App immediately. You have been scammed. This has absolutely nothing to do with Apple TV or Sky and everything to do with your QR App.
25 Apr 2024 09:17 AM
I do not think it is the QR reader as l have been using it since 2020 when QRs came into greater use and l have not had any previous problems despite using it multiple times.
I think it is the QR code and or link provided on Sky VIP that is the problem.
25 Apr 2024 09:26 AM
Posted by a Superuser, not a Sky employee. Find out more
@Rachel+Pullen wrote:
I do not think it is the QR reader as l have been using it since 2020 when QRs came into greater use and l have not had any previous problems despite using it multiple times.
I think it is the QR code and or link provided on Sky VIP that is the problem.
@Rachel+Pullen as @MightyQuinn this problem is normally down to the QR Reader and not the code we have had these enquiries in the past regarding the problems you and @GerryBrown have had and it has always ended up being the QR reader. If the QR reader has recently been updated it could contain the link to these scam sites taking money from you.
As the QR code and link are used by many people taking the offer up there would be many more reports of this happening.
Most phones now a days just use the camera to read the QR code and don't rely on a third party app so might be worth checking out if your phone can do that
25 Apr 2024 09:27 AM
Posted by a Superuser, not a Sky employee. Find out moreHi @Rachel+Pullen There is no need for a QR reader App. The only safe App is the native camera App on the device. Apps get updated regularly and dodgy code could be added anytime.
25 Apr 2024 09:57 AM
Thank you both, l will look into it and am also going to try the link without the QR code on a separate device and see what happens
25 Apr 2024 02:37 PM
Posted by a Superuser, not a Sky employee. Find out more
@Rachel+Pullen wrote:
I do not think it is the QR reader as l have been using it since 2020 when QRs came into greater use and l have not had any previous problems despite using it multiple times.
Typically what changes is the app developer is convinced to sell the app itself, or otherwise loses their own control over it. At that point the new owner or whoever has appropriate credentials can modify how the app works, and start injecting redirects to bogus subscription services and other malicious content.
It's perhaps worth considering that criminals almost always have more money than small software creators..
25 Apr 2024 05:34 PM
Posted by a Superuser, not a Sky employee. Find out more
@Rachel+Pullen wrote:We had exactly the same problem. We signed for Apple TV using the QR code supplied by Sky using a QR reading app.
After a few attempts we managed to register using an apple email and gave the debit card details. We received a confirmation of the Apple TV 3 month free trial from Apple and gained access to the station after about 20 minutes.
A few days later, we noticed £1 had been debited from our account the day after the Apple activation followed by £59.99 the following day . Both were debited under the description sprtybill.com.We queried this with the bank and they said it had been authorised and therefore would not offer a refund. We tried twice and only after exhaustive investigation realised the payments were linked to our Apple TV application.
A few days later there was another transaction for £24.99 under the description THRVMBILL.COM which the bank did refund and l cancelled my debit card. This latest transaction was clearly linked to the Apple TV application and we are now trying to get the money back from Sky or Apple TV as there is clearly a security failure in their QR code and or activation links which is very worrying and l wonder how secure other applications offered by Sky will be in the future as more and more apps become available.
@GerryBrown wrote:Have discovered that apple TV have posted a QR code on the screen and insist that I log in again.
Tried to log in with my mobile, scanned the QR and was asked to pay intially £1.00 to ensure that the CC would work. Followed the instruction but still no Apple TV. Gave up and decided to watch something else. In the meantime Apple had tried to charge my CC with a further £59.99 which as I had not approved the payment ( Had no idea the request had been made) my CC provider declined the payment and alerted me this AM. My question is. Is Apple TV part of SKY Q package or not? It would be great to know what has changed to my subscription to Sky Q.
Just for reference, payments to Apple TV for subscriptions or other content usually show on bank statements as 'APPLE.COM/BILL IRELAND' or something similar.
11 May 2024 03:58 PM
Don't be distracted by excusing Sky.
They have a Help File which is only ever accessed after a problem.
The Help file mentions using mobile native QR reader....... clearly the issue is known about.
It's an egregious failure to secure the subscriber details.
This results in a breach of the individual's bank account, Sky login and email account.
On the screen offering the Apple trial there's no warning despite the company knowing the dangers.
There's no caveat emptor.
There's no recommendation to study the help file.
Nothing.
Yet BSkyB or Sky TV, in full knowledge that the QR code they use on the screen is a major and unnecessary security breach.
Regardless, Sky offer no warning.
The subscriber has to repair the damage....the financial loss....the email breach, the login future security.
It's an appalling failure to protect subscriber data.
I will not leave it.
Any company with such disregard for customer data security and such a maverick attitude to online safety must be held to account.
11 May 2024 04:49 PM - last edited: 11 May 2024 04:50 PM
Posted by a Superuser, not a Sky employee. Find out more
@Harrysback wrote:Don't be distracted by excusing Sky.
They have a Help File which is only ever accessed after a problem.
The Help file mentions using mobile native QR reader....... clearly the issue is known about.
It's an egregious failure to secure the subscriber details.
This results in a breach of the individual's bank account, Sky login and email account.
On the screen offering the Apple trial there's no warning despite the company knowing the dangers.
There's no caveat emptor.
There's no recommendation to study the help file.
Nothing.
Yet BSkyB or Sky TV, in full knowledge that the QR code they use on the screen is a major and unnecessary security breach.
Regardless, Sky offer no warning.
The subscriber has to repair the damage....the financial loss....the email breach, the login future security.
It's an appalling failure to protect subscriber data.
I will not leave it.
Any company with such disregard for customer data security and such a maverick attitude to online safety must be held to account.
It's possible they could add a warning to every screen that shows a QR code.
but the real failure here is Google's in my opinion, for allowing these corrupt apps on the Play Store.
Sky have not leaked your data. The phone did it (with the user's compliance but they got tricked)
11 May 2024 05:03 PM
Posted by a Superuser, not a Sky employee. Find out more
@Chodley wrote:
@Harrysback wrote:
Don't be distracted by excusing Sky.
They have a Help File which is only ever accessed after a problem.
The Help file mentions using mobile native QR reader....... clearly the issue is known about.
It's an egregious failure to secure the subscriber details.
This results in a breach of the individual's bank account, Sky login and email account.
On the screen offering the Apple trial there's no warning despite the company knowing the dangers.
There's no caveat emptor.
There's no recommendation to study the help file.
Nothing.
Yet BSkyB or Sky TV, in full knowledge that the QR code they use on the screen is a major and unnecessary security breach.
Regardless, Sky offer no warning.
The subscriber has to repair the damage....the financial loss....the email breach, the login future security.
It's an appalling failure to protect subscriber data.
I will not leave it.
Any company with such disregard for customer data security and such a maverick attitude to online safety must be held to account.
It's possible they could add a warning to every screen that shows a QR code.
but the real failure here is Google's in my opinion, for allowing these corrupt apps on the Play Store.
Sky have not leaked your data. The phone did it (with the user's compliance but they got tricked)
@Harrysback in that case then every single company that uses QR codes would need to put up a warning and or disclaimer but as its not the QR code but the QR reader app that the person is using that causes the problems as @Chodley has stated so its not the owner of the QR code that has leaked anything its another scamming trick I always use the phones camera as the QR reader
11 May 2024 05:44 PM
Of course apportioning blame is quite possible here... Google have been remiss.
However....Sky wrote or amended a help file because they knew a vulnerability existed.
It would have been both simple and wise to add a warning OT create an alternative route to the free trial.
Unfortunately for the consumer, Sky, in full knowledge of the potential for bank accounts to be compromised, chose to do nothing.
Fortunately my bank, at 2145hrs not only cancelled my card ( a week of inconvenience), but identified the company, stopped future payments and provided me with a new card.
All because Sky made a decision, at a senior level to not warn subscribers.
In the world of digital health and safety a company with millions of consumers must take every measure to protect the bank details, email security and Sky login.
There's no alternative.
If it was widely thought that your bank details were not secure potential subscriptions would be deferred.
What kind of company takes such risks?
Nobody should have to fix problems created by a company you pay. Anxiety, time, inconvenience, loss... this isn't a small hiccup.
Sky decided not to tell us.
11 May 2024 08:37 PM - last edited: 11 May 2024 08:41 PM
Posted by a Superuser, not a Sky employee. Find out more
@Harrysback wrote:
Of course apportioning blame is quite possible here... Google have been remiss.
However....Sky wrote or amended a help file because they knew a vulnerability existed.
It would have been both simple and wise to add a warning OT create an alternative route to the free trial.
Unfortunately for the consumer, Sky, in full knowledge of the potential for bank accounts to be compromised, chose to do nothing.
Fortunately my bank, at 2145hrs not only cancelled my card ( a week of inconvenience), but identified the company, stopped future payments and provided me with a new card.
All because Sky made a decision, at a senior level to not warn subscribers.
In the world of digital health and safety a company with millions of consumers must take every measure to protect the bank details, email security and Sky login.
There's no alternative.
If it was widely thought that your bank details were not secure potential subscriptions would be deferred.
What kind of company takes such risks?
Nobody should have to fix problems created by a company you pay. Anxiety, time, inconvenience, loss... this isn't a small hiccup.
Sky decided not to tell us.
@Harrysback sorry I completely disagree with you yes Sky could put a warning to use the native QR reader but ultimately the user of the phone is the person who makes the decision to use a third party QR reader then it is the user who inputs their bank details to sign up to some other website that is not Sky or Apple how can Sky be responsible for decisions that a customer makes and even if there was a warning how many people would actually heed it.
This scam has been going on longer than Sky has been using QR codes for the free Apple trial.
So you want every company using QR codes to put warnings to only use native QR readers or not to use third party QR readers i'm not sure that they actually can as it only seems to be a small number of the QR readers that have been compromised.
Personally I think the customer has to take the blame as it was their choices to put their bank details into a non Sky/Apple website
No problem. Browse or search to find help, or start a new discussion on Community.
On average, new discussions are replied to by our users within 90 minutes
New Discussion