Delete “Google” applications List of miui applications to delete

Why Xiaomi Mi PC Suite does not see the phone and how to set it up Difficult solutions

Description of the UMS service from Megafon

Jabra Halo Smart Stereo Headset Review: Long-lasting Bluetooth Headset Voice Guidance

TV Set-top Box Xiaomi Mi Box Mini Using the TV Set-top Box Xiaomi Mi Box

K2 component for Joomla - to be or not to be?

ums service. Megafon personal account: login, registration, options for how to recover your password

Modern users always try to stay connected. They send SMS and MMS, surf the Internet, social networks, communicate via instant messengers, not to mention email. Eventually UMS Megafon allows you to get rid of huge amount applications. Thanks to this service, you can free up the memory of your device.

In fact, you just go to the site and manage mms and sms from there. The web interface of the service provides such opportunities. Which is adapted to work with WindowsPhone, iPhone and Android.

UMS Megafon: what it provides

What specific capabilities does UMS Megafon provide to the client? There are a lot of them. You can:

Work with mail. In particular, write and send messages without character restrictions.
View history and various messages (SMS and mms). Of course, messages are reliably protected from other subscribers. In general, electronic security in this case is at its best; vulnerabilities have been repeatedly tested and closed.
Browse social networks. Available on Facebook, Odnoklassniki, VKontakte, Twitter. Over time, UMC Megafon plans to expand this list.
Communicate on social networks. Moreover, the program allows you to do this conveniently and quickly.
Set up a blacklist and filter SMS by it.
Make your own autoresponders for SMS and MMS, set automatic signature at the end, etc.
Receive SMS notifications that incoming messages have arrived on social networks and (or) by mail.

In addition, right in your personal account, Megafon makes it possible to view numbers from mobile phone. If desired, no one bothers you to save the entire list and edit it.

In general, the operator has a very convenient way of working with SMS and MMS. However, if desired, the history saving function can be disabled. All actions inside the application are performed free of charge, the portal does not charge you anything.

How to log into your UMS account?

The main principle of providing the UMS service from Megafon is consumer convenience. Therefore, the entrance to Personal Area simplified as much as possible here. You only need to enter the password for your personal account. At UMS it coincides with it. And if you have a special application installed on your smartphone, then it has its own rather convenient login option.

Service cost. How to enable and disable?

The UMS service is free for all accounts. The only thing you have to spend here is time during registration. But when sending messages to Cell Phones with operators that the service does not support, you will be charged at the regular rate.

Activating the service is very simple: you need to go to the appropriate website, click on the agreement and enter the code. In addition, you can use applications that allow you to do the same. There is another option: dial the code *598*1# and press call.

You can also send a message to a short number with the word “ON” or “ON”. You can start using the service immediately after registration, that is, you won’t have to wait here.

If you want to refuse this service, you can simply send a message with the word “Off” or “Off” to a short number. Or enter the command *598*2#. Please note that when disabled, the message history is not saved: everything is erased automatically.

Summarizing

The UMS service appeared in 2012. Since then it has been improved several times. Vulnerabilities were discovered and closed that allowed money to be debited from consumers' accounts for paid subscriptions. Megafon has worked on the issue of authentication, as a result of which now you don’t have to worry about the safety of data in general.

However, the concept of UMS itself has also changed. For example, here service and banking messages are not saved, even if all other correspondence remains. This has become part of the security policy. In general, the service is quite convenient; it allows you to manage your messages and combine everything within one account.

Over the past 4 days, a wave of complaints from Megafon subscribers has begun to appear on the Internet. The bulk are associated with unauthorized subscriptions to paid SMS services. This became possible due to the presence of a vulnerability in the new UMS service.
The situation is aggravated by the weakness of legislation in the Russian Federation and the lack of effectiveness in solving such crimes by law enforcement officers. For the operators themselves, apparently, it is simply not profitable to solve the problem of stealing funds from subscribers’ accounts using SMS subscriptions.

Returning to Megafon, a security hole was found and exploited in the service to work with social networks and UMS messages. This service was launched by the operator in December 2012. One of the advantages is full-fledged work with SMS messages, providing functionality for reading and sending messages. Subscribers are connected to it automatically; to do this, they need to enter their phone number and password for the Service Guide service.

Outwardly, everything looks convenient for subscribers, but this is only external. If the Service Guide service has at least some semblance of protection with entering a “security code”, then in the case of UMS there is the possibility of brute-forcing passwords. Considering that most numbers use only a digital combination, it is only a matter of time before the password is selected, and given that the length can be 4 characters, finding the password is very fast. Having received the login password, attackers gain access not only to the subscriber’s SMS messages, but also to the Service.Guide system. Currently, this security hole is used to implement mass paid SMS subscriptions. According to messages appearing on the network, the operator, for its part, declares the need for a written request for a refund. But, if at the very least a loss of funds can be noticed in the case of using a SIM card as the main SIM card, then in the case of a SIM card in modems, the problem will only become known when a significant debt arises on the account.

Another pitfall that may appear soon may be related to the SMS functionality. One of the most serious dangers may be access to Internet banking and manipulation of a bank account.

I recommend checking your personal account settings and disabling access to the UMS service in the form in which it is currently introduced; there are a large number of pitfalls; this can be done in the Service.Guide service.

Comments:

Recently, gamers have no problems at all with choosing a computer case, since there is a whole...

Intel has introduced a rather unusual Honeycomb Glacier laptop, which is a gaming solution...

Nothing new has happened in the gaming peripherals market for quite a long time, since companies have already used everything...

At Computex 2019, FSP showed the CMT710 computer case, which has a design...

X2 Products has introduced the Abkoncore Cronos 710S computer case, which is designed to...

We are all accustomed to communicating and corresponding daily in the environment of social networks and instant messengers. But what if you no longer have to download and install mobile applications for each individual resource and control all services through one program? This opportunity is provided by the UMS Megafon service. You will greatly simplify your communication and free up the memory space of your mobile device. But that's not all, you will find out more in the article.

Description and capabilities of the service

If you want to get rid of the clutter of mobile applications on your device, but actively use them, feel free to install UMS from Megafon. The option is able to combine popular social networks, instant messengers and email into one program. You can significantly simplify correspondence and communication, and control your accounts in various services in real time.

UMS is a negotiation system that includes several types of communication and communications. With its help you can send SMS, MMS, view news feeds on social networks, manage email and share your exact location. This service is implemented on the Internet platform, as well as in the form of a mobile application. Both of these directions are completely synchronized. The service can perform the following tasks:

Send and receive SMS and MMS.
View the news feed on Vkontakte, Odnoklassniki, Twitter and Facebook.
Actively communicate simultaneously on several social networks.
Filter incoming messages. Add unwanted contacts into a black list.
Set up an autoresponder for SMS and MMS.
The consumer will receive a notification via SMS about new incoming messages.
Synchronize contacts from your SIM card library and mobile phone.
All received messages are automatically saved in memory. If necessary, you can disable this function yourself.
Determines the exact location of the user.
Forwarding incoming calls to other phone numbers.
Postponed sending SMS at exactly the specified time.
You can add your signature to every sent message and multimedia file.

Attention! Notifications from banking systems and from the mobile operator are not saved in the database. This rule was created to protect the user's personal and confidential data.

The service has a limit on the number of messages sent when communicating within the system. You are allowed to write no more than 70 SMS in one day. Correspondence within social networks has no limits. You can communicate unlimitedly with your friends in popular services.

Attention! If a similar application is not installed on the SIM card, the cost of each message will depend on the tariff conditions of the current tariff plan.

There is no subscription fee for using the service, and no commission fee is charged upon connection. Work and communication in the service is free. Provided that both parties, sending and receiving, are registered in the UMS system and have installed the appropriate utility.

Registration in the UMS service

Installation, login and registration in the system are free. To get started, go to official page services in the network space - “messages.megafon.ru”. After this, fill out the authorization form. Enter your mobile phone number in international standard and a security password for your personal account. Therefore, to activate, create an account in your Megafon personal account.

To receive a password, enter the USSD code - *105*00# or write an SMS message to “000105” with the text “00”.

After that, fill in the captcha correctly and, if desired, check the box to remember me. After this, a notification with a registration confirmation code will be sent to the specified contact number. It is only valid for 15 minutes and can only be used once. You can request no more than 10 activation keys per day.

In addition, there are other ways to connect to the service:

Download and install official application and go through the registration procedure in it.
Dial USSD command *598*1#.
Write an SMS message “ON” or “ON” to service contact “5598”.
Contact Megafon employees at any nearest service branch. Take your passport with you to confirm your personal information.
Call technical support 0500 subscribers.

Once registration has taken place, you can immediately start communicating.

Portal interface

If we look at the application, it has three main tabs:

Profile. Here you can change your personal data at any time. Link social media accounts and email.
Contacts. All added interlocutors from the main contact library of the mobile device and from other Internet communication services are collected here.
MIX. The news feed from various connected social networks is displayed here. Messages and multimedia files.

In the web interface at the top there is a main control panel, which displays:

To start communicating, add your interlocutors to your contacts book. To do this, find the corresponding tab on the panel and select one of the methods:

Security Settings

In this section, you can strengthen security measures and protect your confidential data from unauthorized persons, as well as set up SMS confirmation. Each time you log in to the service, you need to enter a confirmation code and update the application to latest version, otherwise you will not be able to log into your account.

Setting up MMS

In this section you can do the following:

Activate or disable automatic saving of incoming MMS. They will be stored on the server indefinitely, even if you lose your device.
Set forwarding to another contact phone number.
Set up an answering machine for all incoming or specific numbers.
Set up copying of incoming messages to another contact.

Setting up SMS

The following options are available here:

You can set up notifications for incoming messages.
Confirm that data is stored on the UMS service server.
Add a signature to each SMS.
Set up redirection.
Add users to the blacklist and send inboxes to spam.

Communication takes place in the messages section. All chats are displayed here. If you wish, you can find a specific message using the search. You can simultaneously correspond with several interlocutors from phone book or on social networks.

Megafon always meets its subscribers halfway, providing various services for more convenient and comfortable use.

1. UMS service

Having created the UMS service, Megafon received enthusiastic responses from its adherents mobile operator.

UMS is a well-made web portal designed for communication and entertainment. All Megafon subscribers can connect to it by downloading a special application and using the phone number as a login, the password is obtained from " Service Guide". Also, for greater convenience, the service can be activated via SMS with the text "On" or "On" (depending on the capabilities of the phone) or by dialing the combination *598*1#.

2. How to recover SMS

Interest sections on the portal are clearly divided into communication, entertainment and useful features SMS message management. One of these is the popular function of recovering deleted SMS.

To be able to recover messages,...

1 0 0

Returning to Megafon, a security hole was found and exploited in the service for working with social networks and UMS messages. This service was launched by the operator in December 2012. One of the advantages is full-fledged work with SMS messages, providing functionality for reading and sending messages. Subscribers are connected to it automatically; to do this, they need to enter their phone number and password for the Service Guide service.

Outwardly, everything looks convenient for subscribers, but this...

2 0 0

I haven’t really been able to use it to my advantage once in the last month. Always the same picture:
-

Update: As a result of clarifying the relationship with @MegafonHelp (after this post), the following result was achieved:

The main answer is that the UMS service is not connected to you. "We don't know anything." When asked whether the fact that I have SMS+ connected is not enough, I didn’t really get an answer. As well as the question of why it worked before.
I was still advised to disable and reactivate the service. As a result of this action, all SWS correspondence in recent years (since the advent of SMS+) was irretrievably lost. Angered by this matter, I decided to disable SMS+ for myself completely, since now it was completely unclear what to pay 60 rubles a month for , since everything that was valuable to me was lost. But now free UMS WORKS for me. He is generally without subscription fee for now, as far as I could understand. Although it seems they charge you for sending messages from it (I couldn’t really understand this, but...

3 0 0

MegaLabs and the Siberian branch of OJSC MegaFon have launched test operation of a new Unified Messaging Service (UMS). Thanks to UMS, the operator’s subscribers will be able to exchange messages within the service for free, set up forwarding and “black lists” for incoming SMS, communicate on social networks and popular chats, and use many other free functions.

The UMS platform provides an intelligent solution for active smartphone users who want access to SMS, MMS, Internet chat, social networks and email in one smartphone application. To work with the service, the subscriber needs a device running Android and iOS OS, and some additional functions configured in the program’s convenient web interface.

Free SMS and MMS. UMS users for Android smartphones and iOS can send free SMS and MMS messages to other subscribers of the UMS service. Even if the other...

4 0 0

As time passed, we decided to check how much Megafon cares about the security of the personal data of its customers, and conducted a small test of authorization products in the “service guide”. The result was not crowned with success, Megafon actually corrected the error that the habro community poked them into, but for some reason they did not dare to go further and check the entire system.

I won’t repeat what you can do with a subscriber’s account if you have access to the “service guide” (see article), I’ll go straight to the sweet stuff.

As the analysis showed, in Megafon, there is an internal gate with which messages.megafon.ru, moscowsg.megafon.ru and many other applications for authorizing subscribers will connect. Using the UMS and Megafon Disk mobile applications, you can select passwords at high speed due to the absence of the need to carry out a full authentication procedure.

About this problem...

5 0 0

To manage UMS features and configure personal parameters, use the “My Profile” menu in the mobile application or the “Message Settings” section of the web portal.

Storing and viewing SMS and MMS correspondence

Read saved correspondence via mobile app or on the service website. To disable the message saving feature, go to the section "Message Settings" on the UMS portal or open the mobile application menu (section "My profile"...

6 0 0

By connecting to the Service and installing the application on your phone or using the web portal, you can:

Store and view SMS/MMS correspondence

Your SMS/MMS messages will be saved on the web portal and mobile application of the service automatically. You can disable the function of saving correspondence on the “Message Settings” page of the web portal or in the “My Profile” - “UMS Service Settings” - “Message Management” menu of the mobile application.

Send SMS and MMS messages

From the Service web portal or mobile application, you can send UMS messages to subscribers who are users of the Service free of charge (for the beta testing period). If you wish, you can not send the message immediately, but set the sending time (using the “Delayed sending” option). In this case, the message will be sent to the recipient when the time you specify arrives.
When entering a new UMS message, you will see the number of characters typed and the number of sent...

7 0 0

To connect to the service via a mobile application, first download it from the AppStore or Google Play Market (depending on the type of phone you use) and install the application on your phone. After launching the application, entering your phone number and password from the “Service Guide” and confirming your agreement with the terms of the offer, the service will be connected.

To connect to the service through the web portal, go to https://messages.megafon.ru, enter your phone number and password from the “Service Guide”. After confirming agreement with the terms of the offer, the service will be connected.

To connect to the Service via SMS, send a message with the text "On" or "On" to the number 5598 .

To connect the Service with using USSD enter the command *598*1# .

FAQ MegaFon - Frequently asked questions...

8 0 0

9 0 0

On December 10, 2012, MegaFon together with MegaLabs announced the launch of a beta version of the new UMS service:

MegaFon and MegaLabs announce the launch of a beta version of the application for smartphones* - UMS (Unified Messaging Solution). The application allows MegaFon subscribers to communicate through popular instant messengers, social networks and email, receive and send regular SMS and MMS through a single interface.

The service was presented by the first persons of the companies - Mikhail Dubin (Executive Director of MegaFon) and Oleg Butenko (General Director of MegaLabs). Which kind of hints to us about the importance of the service for the operator and its subsidiary.

Essentially, the service is an interface that combines the ability to send several types of messages. First of all, these are SMS and MMS, as well as Facebook, VKontakte, Odnoklassniki, Twitter, Gtalk, ICQ, [email protected].

To be precise, the service has two interfaces - a web portal and a mobile application for the Android platform and...

10 0 0

Print version For bloggers MegaFon: the story of one hack

Content thieves will crawl into any hole. Fortunately, greed fails them, and after a large-scale “raid” on wallets, the loophole is closed and the stolen money is returned. Another confirmation that everything is bad with legislation in the field of mobile content.

More precisely, not bad, but not at all. There are no effective instruments of influence, and no one wants to use the existing ones. There is a lot of hassle, the effectiveness is low, law enforcement officers are not interested in messing around. And it’s not profitable for the rest.

11 0 0

The functionality of MegaFon's UMS service is very similar to the functionality of the legendary ICQ application and other similar messengers

12 0 0

Yesterday Megafon launched a new service UMS (Unified Messaging Solution) for smartphone users. The service “allows you to communicate through popular instant messengers, social networks and email, receive and send regular SMS and MMS through a single interface,” as reported in the uninformative news on the operator’s website.

The new service combines the capabilities of the Message Portal service (SMS+ and MMS+); mobile messenger like Whatsapp, Viber, as well as a client for regular instant messengers and social networks, for example IMO.IM.

It seems that this project has nothing to do with Joyn, an international initiative of operators to launch a single competitor to independent (and most importantly, free) OTT services.

What can UMS do?

The news also reports the following: The UMS application will be distributed through the AppStore and GooglePlay for free. Beta testing of the service will last six months, during which the exchange of messages between UMS users...

13 0 0

More and more new subscribers are appearing on our planet every day mobile communications. And this is no coincidence; there are still so many prospects in this market and there is room for further development. Along with cellular communications, the number of SMS and mobile internet. Progress does not just stand still, but moves forward with confident steps.

All of us, well, almost the majority, have had situations in our lives when we deleted a phone number from the phone book, and then regretted it. This is still nothing, but if you accidentally deleted an important SMS, then sometimes it’s simply impossible to calm down. This happens and many still believe that his SMS disappeared without a trace.

But no. For example, the Megafon company has a wonderful UMS service that works every day, which will help restore our treasured messages. True, the main condition is to connect it in advance, that is, only those deleted SMS that you have erased can be restored...

14 0 0

Tired of the screen and memory of your mobile device being cluttered with a large number of applications? The Megafon company has found a way out of this situation. It offers its subscribers to use a special service. UMS from Megafon allows you to combine all social networks and email accounts in one resource. In addition, here the client of the cellular operator will be able to send SMS and MMS messages, as well as exchange files (video, audio, photos) with other subscribers using this service.

Features of the service

UMS is a universal set of services that allows you to communicate via social networks, exchange messages, send MMS, work in email, and also view your feed. This means that cellular operator clients will not need to waste the memory of a tablet or mobile device on a large number of applications and clutter the screen with them.

If there is such a need, users can log into the UMS service using the web interface through the “Personal Account” using one password. This is done for the convenience of Megafon subscribers, because in this case you won’t have to remember passwords for different accounts (social networks, email, etc.). The service has a clear structure, and even a schoolchild can use it. With the help of UMS, a client of a cellular company will be able to:

Receive and send messages on social networks.
Store MMS and SMS messages.
View feeds on most social networks (due to the fact that clients can connect to such services).
Receive or send email.
Filter messages (blacklist unnecessary senders).
Receive notifications that an incoming message has arrived via SMS.
Import and save contacts from the phone book in the memory of your mobile device.

Read also Simple Methods activation of free minutes on Megafon

In addition, with the help of UMS, Megafon subscribers can set autoresponders on MMS and SMS channels.

Benefits of the service

Working with MMS and SMS messages via UMS Megafon is very comfortable. Megafon subscribers have access to the message history storage service. And if the service user no longer needs such a service, you can disable it. As for the operation of banking services, the history of SMS messages from them will not be saved for the purpose of client confidentiality. This rule also applies to service messages sent by Megafon.

In addition, subscribers can use the function of forwarding and delayed sending of MMS and SMS messages to the numbers of other subscribers. You can add a signature to sent messages (added automatically). Also, the service can send messages to other cellular network clients within the system. However, the number of messages that can be sent is limited (no more than 70 per day). If the subscriber to whom the SMS or MMS is sent does not use the UMS service, then the cost of the shipment will be calculated automatically (depending on the sender’s tariff plan).

The functionality of MegaFon's UMS service is very similar to the functionality of the legendary ICQ application and other similar messengers

But there are also significant, pleasant differences, which, in fact, I will talk about in my article.
Let's start with the most important thing, how does UMS MegaFon differ from ICQ:
The ability to send a message not only to the application, but also to a mobile phone.
Receive messages not only in the application, but also from other cellular subscribers (any operator). In other words, you receive a message via the Internet from any mobile phone. At the same time, it is not necessary to keep the SIM card in your phone; you can easily put it on a shelf.
I really liked the “Delayed sending” function; you can specify the date and time of message delivery. If you send a message to a person who does not know about such a program, then, for example, you can write him a whole ode and send it in parts every hour... In general, there are many options for using this function, you just need to use your imagination. For example, you can send birthday greetings a few days before the actual birthday so you don't forget.
Send the coordinates of your current location.
The remaining functions that are available in the application, in general, repeat the set of functions of traditional ICQ, I will describe it very briefly:
Free messaging within the program with low Internet traffic consumption.
Ability to send multimedia content.
View message history, and even if you received a message on your phone, it is duplicated on the server. Thus, it is quite possible to restore SMS history if the phone is lost. The history will be stored from the moment you register for the services and enable the setting to save SMS.
Ability to send messages from a computer and from smartphones based on Android, Windows Phone and iOS operating systems
Connecting to social networks, exchanging messages and using them.

Below I will provide instructions for using the MegaFon UMS service.

1. Connect to the service from your phone. Connection: SMS “On” or “On” (without quotes) to number 5598 (free message).
*598*1#
2. You must obtain a password for the Service Guide service. To do this, dial *105*# and the call key on the phone that will be used to register in the application. You should receive a password in response. Remember or write it down.
3. Go to the website: https://messages.megafon.ru/user/toUserPage.do

4. Enter your phone number, password, and security code. Click the "Login" button.
5. Next, you are taken to the main menu of the program (when you first log in, you should be asked for confirmation to connect to the offer, accept it).

6. I think there is no point in explaining further what to do.
The registration process on mobile devices is similar. The only difference is that before proceeding to step 1, you will need to download the program from the play market or App Store. Through the search you can easily find it by entering the query “UMS”, produced by MegaLabs.

In case you do not want your SMS to continue to be saved on the server, it is better to disable the MegaFon UMS service.

Disable:
SMS “Off” or “Off” (without quotes) to number 5598 (free message).
*598*2#
If you have any questions or just liked this article, please leave comments and subscribe to the news.

Sometimes there is a need to view MMS in your Megafon Personal Account. These messages arrive not only to the recipient’s device, but also to the company’s server, where the user can open all types of media messages: photographs, audio recordings, video files. But before using the opportunity to view MMS, you must complete certain procedures: connecting to the service, registering in your account.

Connecting the service

In order to view MMS in your Personal Account, this service must be activated. As a rule, the connection is made automatically when the SIM card is activated. But in some cases, for example, if the service was disabled or automatic settings were not installed, you have to activate it yourself. To do this you only need to take a few steps:

go to the official website www.megafon.ru and open the “Services” window located in the top field of the page;
in the drop-down list click tab "Basic services" and select MMS;

connect MMS by dialing the USSD command *105*308#. In response to the request, you will receive a notification about the activation of the service.

If you need to disable this option, you need to enter the command *105*308*0# in the USSD request line.

In the "MMS" section, you can also see the list of operators who have the ability to send multimedia messages to Megafon.

Registration in your Personal Account

If you are not able to view incoming MMS messages on your phone, you can do this via a computer by registering in your Personal Account on the official Megafon website.

To do this, go to the Megafon main page and select the active tab "Personal Area". There are two windows here. In the first, you need to enter the Megafon number of your mobile device, which will act as a login. In the second window you need to enter a password to activate your “Personal Account”. It can be obtained using one of several options:

via USSD request: dial *105*00# on your phone keyboard and send a request to the operator using the call button. In response, you will receive a message containing the password to access your account;
send a short SMS message with one Latin letter S from Megafon number to service number 000111. Within a few minutes you will receive a response with a password to log into the system.

After entering the received data, after a few seconds of initialization and loading of parameters, an automatic transition to your "Personal Area". If something was entered incorrectly, a warning entry on a red background will appear at the top of the window, with errors and recommendations for the next actions.

After activating your “Personal Account”, your mobile device will receive an SMS notification that you have received an MMS. This message will also indicate a password so that you can gain access to view MMS through your Personal Account.

View message

After entering your “Personal Account”, it will open home page, on which the “Inbox” tab will immediately be displayed indicating the number of MMS messages sent. When you click this tab, all messages from detailed description information about the sending subscriber, the date and time of receipt of the MMS.

To view the MMS message of interest, you need to double-click on it with the mouse or click “Read”. After that, it will completely unfold and open in the form in which it was sent. Unlike many other telecom operators, Megafon makes it possible to view both regular photos and video and audio files on its website.

Here you can immediately send a response MMS by going to the “Reply” tab. To do this, you just need to attach the required file.

Important:In order to protect your computer from viruses and malware, view MMS only through your Personal Account. Messages from unknown number with an offer to view media files on a third-party resource can be detrimental to the device.

Features of using the service

After connecting, the user can view all received messages at any time through the Personal Account. When using the service, you should take into account the features of this service:

All incoming and sent messages are stored for three days. If they are not saved in a timely manner, the MMS will be deleted;
The Megafon server is often overloaded, so a notification about receiving an MMS with a password for viewing may arrive with a significant delay. If you need to receive an urgent media message, then to quickly receive it, it is best to contact the Megafon support service;
The size of a transmitted MMS message for Megafon cannot exceed 1 MB. Otherwise, it cannot be delivered to the server;
viewing MMS through your Personal Account in your home region is completely free for Megafon subscribers. When using the service in roaming, the cost of traffic for downloading messages will be paid according to the terms of the established tariff.

Important:In order for the MMS to be received correctly, the sender must dial the number only in the international format: +7 9ХХ ХХХ ХХХХ.

Alternative method: viewing using the UMS service.

You can view received MMS using the new UMS service presented by Megafon. Using UMS, a subscriber can view and store MMS messages for a long period of time: from three months or more. Messages received and sent via UMS are free of charge. To connect to this service, you can use one of three options:

Connection through your Personal Account. To do this, you need to log into your Personal Account. Open "Options and services". Here you need to click on the tab "Additional". After opening it, a list with possible connections will appear on the page. Find the UMS service and click the “Connect” button. If the connection was successful, you will receive an SMS indicating that the service has been activated.

Connection via SMS; to do this, from the Megafon number you need to send a message with a small text “On” or “On” to the number 5598.
Connection via USSD request. Dial the command *598*1# from the Megafon number.

This time, the “eye of the needle” for the “content camel” turned out to be the universal portal for working with messages and social networks UMS (Unified Messaging Solution), launched in December last year, i.e. less than three months ago. One of the key advantages of the service is full-featured work with SMS messages: from a web portal or a special application you can send SMS from your number, set up filters, etc. Incoming SMS are also duplicated and saved, and you can respond to them directly from the web interface and, if desired, the complete archive of messages remains with you, which can be useful when changing devices. You can read our review of this platform; the key quote for today’s analysis is:

“Registration in the system occurs automatically when you first launch the application and enter your phone number plus the password from the Service Guide. If you have not used Service Guide before, the easiest way is to set the password with the USSD command *105*01*password#password# (instead of the word “password” - the combination of numbers you selected for the password).”

In short, the UMS service has implemented a subscriber-friendly and progressive user registration scheme: when entering the UMS portal, registration occurs automatically after entering the phone number and password to the Service Guide. Legally, this is quite acceptable, since the service is free, plus there is a conscious user action (registration on the portal with entering a password). For example, the paid SMS+ service, which is largely similar in functionality, must first be activated through self-service systems. And with UMS they decided to make life easier for the user; there is no need to connect any services either using the USSD command or through the Service Guide. Which, undoubtedly, increased the “friendliness” of the service, but created additional features for the attacker.

Event

On the afternoon of April 4th I received an angry letter from detailed description materialized on the subscription number. Quotes with permission of the author:

“...I am a subscriber of MF North-West. Last night I received an SMS “Your account has been used to log into the web portal https://messages.megafon.ru (see screenshot above). I didn't pay much attention to her, because... sometimes you receive SMS with an offer to download MMS, SMS and something else. I went to the page using the link and saw something from Megafon. But because I didn’t use this service - I forgot.

Then a second SMS arrived (an hour and a half later) with a digital code and the text “Do not tell anyone your personal code.” Then I immediately called contact center Megafon (it’s good that I have a VIP tariff and the wait for an operator is less than a minute). During the conversation, another SMS came with the text that a subscription had been issued to my phone number. The operator told me that he had “subscribed” to paid subscription from the site spinyla.net, from which they immediately unsubscribed me (but they managed to withdraw 20 rubles). I also left a request for a refund (20 rubles). Today I received an SMS that the request was approved, but the money has not yet been credited to my account. Let's wait.

The password in the Megafon Service Guide can only be specified in numbers (yesterday's century, but oh well). But it's not my birthday, it's old number phone, where I moved from about 10 years ago. Accordingly, it is almost impossible to find it by brute force. The question is where did they get the password? Three options in my opinion:

Megafon website was hacked
The password was “taken” from the Google Chrome / Opera password storage (I use them)
The password was “taken” from the My Balance application (mbalance.ru) for iPhone

Point 1 looks unlikely. Point 2 too: no viruses were detected on the computer. Point 3 remains as the closest to reality. I don’t want to believe it, but?”

Finding a password for the Service Guide is really almost useless. In addition to the captcha at the entrance, there are various restrictions on the number of attempts and, most likely, all other security systems. In my memory, the login procedures were reworked and “finished” three times, and these were only externally noticeable improvements.

Therefore, I assumed either that the passwords were stolen by a Trojan, or that the password was guessed through logging into the UMS portal. There is no captcha provided there, which greatly facilitates the “automation” of selecting a password for a number. Or, more likely, matching a phone number to a specific password. The scammer doesn’t care which phone numbers to “work” with, but simple passwords type 123456 is used by thousands, if not tens or hundreds of thousands of subscribers.

Chronology

I dug around on the Internet and found a whole collection of identical complaints about connecting a “left” subscription with a complete coincidence of all the symptoms. Starting from the receipt of the SMS “Your Account used to enter the web portal https://messages.megafon.ru...” and ending with all other attributes, up to the general “content partner” (site www. spinyla.net). The timing of the events also roughly coincided: from the late evening of April 3 to the early morning of April 4.

The geography is very different: Moscow, St. Petersburg, Krasnoyarsk, Volga region. In one case, all four phone numbers in a family were “affected,” which indirectly fits into the assumption of an automated search: either “neighboring” numbers were purchased at the same time, or, more likely, all four numbers used one common password for the Service Guide.

On the afternoon of April 4th there was no generalized information yet, and subscriber services were broadcasting whatever they wanted. From “You signed up yourself!” to “Make sure that no one knows your password in the Service Guide.” It must be assumed that the same complaints triggered a mechanism to find out the reasons and take action, and towards evening there was certainty in the answers.

On the morning of April 5, a message appeared on MegaFon’s website about “preventive maintenance” and restrictions on the functioning of other applications related to the use of the Service Guide. There are coincidences, but it looks more like urgent emergency “work” to eliminate vulnerabilities rather than “preventative”.

By the evening of April 5th, the epic of content hacking was (hopefully) successfully completed. The security gap was patched, and the money stolen from the accounts was returned. Those who didn’t notice the write-off will never notice anything. For those who noticed and started making a fuss, they are now announcing the official wording about technical problems with the equipment and an erroneous subscription connection. The version, of course, is funny: there was a glitch in the software that connected subscribers to the UMS service, sent an SMS message or entered a number on the website, received an SMS with a code, entered it and subscribed. God forbid us from such “failures”, this is already called the “rebellion of the machines”.

What was it?

We won’t know all the details, and MegaFon won’t tell you. I read about very similar cases in early March, also a subscription and also with the connection of the UMS service. True, the victim wrote about SMS+, but he could have made a mistake or not heard. To connect SMS+, you need to select a password at the entrance to the Service Guide, and this is a thankless task. And, most importantly, completely unnecessary in the presence of a “friendly” UMS.

Judging by the screenshot of the details, the theft process is completely automated, the programmers did a great job. Pay attention to the time: according to the numbers, the subscription was registered two seconds after receiving the SMS message with the code. Looking up, reading and entering four numbers manually in two seconds is hardly physically feasible. Almost certainly, the selection of blocks of numbers at the entrance to the UMS portal is also well automated; for a possible income of 20 rubles per day, no one will pore over this manually.

Judging by the time interval between successfully selecting a password and connecting a subscription (in different examples, from one and a half to five hours), the “event” is carried out in two stages: first, a portion of successfully selected phone/password pairs is prepared, then these pairs are processed by subscriptions. The whole process is then repeated for the next block.

I can assume that the monetary potential of this scheme was assessed a long time ago, the software was ordered/written, and fellow content creators have been stealing from “leftist” subscriptions for more than one week. Now either greed has taken over, or the program has fallen into the hands of a stupid person. Who, wanting too much money “here and now,” inadvertently launched a fraud tracking mechanism. You have to be more modest, more modest.

It’s scary to imagine how many fascinating stories have passed through the camera’s anti-fraud departments. And how many stories have not yet passed and, perhaps, will never pass. They will return (or not return) what was written off to the complainant and forget about it. Still, we need to resolve the issue in principle, and not engage in patching up security holes and developing scanty “Content Bans.” We would disable everyone’s access to any paid content and enable it only upon written request. Oh, dreams...

Conclusions for us

What you and I should take away from this story.

Although there is a saying about shells that don’t hit the same place twice, I would check the UMS service connection in the Service Guide just in case. What if you once connected it “to try”, but didn’t turn it off or forgot?

If the service is not connected, then upon the first successful login to the UMS portal, its automatic connection is triggered, and the entry “The composition of services has been changed” appears in the Service Guide, indicating the date and exact time.

At the same time, an SMS message is sent to the phone warning about successful login to the UMS portal using user data (phone number and password). For us, this is an important “bell”, after which you can have time to disable the service and/or change your password. Subsequent visits to the portal occur unnoticed by the user. At least I didn’t have any SMS warnings, I checked.

Don’t be lazy to use a password of the maximum length and categorically refuse traditional combinations like 12345, date of birth, etc.

Paying attention to “mysterious” SMS messages and not rushing to erase them from your phone’s memory can be useful for reconstructing the picture of what happened.

Publications on the topic

What exactly does an SEO do?

The rapid development of the Internet and increased competition between the websites of various companies have led to the emergence of a new type of activity - SEO...
The computer does not see Meizu The Meizu phone does not connect to the computer

Meizu smartphone does not connect to PC? Every third owner faces this problem. Often the reasons lie not in the phone at all...