URGENT you are owed £3350 for the PPI you took out, time is running out to claim, please visit www.ppinomore.com to claim, thank you. To opt out reply STOP.
The sending number is +447787446160 although this will change at they get blocked for spamming. If you have any more numbers, then please considered adding them in the Comments section.
If you get one of these, you should forward the spam and the sender's number to your carrier. In the came of T-Mobile, O2 and Orange the number to report to is 7726 ("SPAM"). Vodafone customers should use 87726 ("VSPAM") and Three customers should use 37726 ("3SPAM"). Hopefully the carriers will act if there are enough complaints.
The thing with these spam PPI messages is that they are also a scam. I don't have any mis-sold PPI, so I'm not eligible for anything, but it seems that the spammers are encouraging you to make a fraudulent claim, which is a criminal offence.
So who is behind ppinomore.com? It has anonymous WHOIS details so no clue there. They claim their address is in Pakistan:
586, Park Towers,
Block 26, P.E.C.H.S.,
And they're not regulated by anyone..
ppinomore is a marketing agent. Our partners are regulated by the Ministry of Justice in respect of regulated claims management activities - their authorisation number is available on request and their registration is recorded on the Ministry of Justice website
So who are their partners. Of note, the ppinomore.com site is hosted on 18.104.22.168 which is hosted by Worldstream in the Netherlands, but actually allocated to a scam/spam friendly outfit called YoHost . The following sites are on the same server:
Some of these look quite interesting.. they're also using SMS and PPI themed sites. Almost all the sites have anonymous WHOIS details.. apart from myppi.org that is..
Created On:21-Aug-2012 10:52:54 UTC
Last Updated On:21-Aug-2012 10:52:55 UTC
Expiration Date:21-Aug-2013 10:52:54 UTC
Sponsoring Registrar:GoDaddy.com, LLC (R91-LROR)
Status:CLIENT DELETE PROHIBITED
Status:CLIENT RENEW PROHIBITED
Status:CLIENT TRANSFER PROHIBITED
Status:CLIENT UPDATE PROHIBITED
Registrant Name:john mcneish
Registrant Street1:flat 3 11a whitworth street
Registrant Street2:opal house
Registrant Postal Code:m1 3gw
Registrant Phone Ext.:
Registrant FAX Ext.:
Admin Name:john mcneish
Admin Street1:flat 3 11a whitworth street
Admin Street2:opal house
Admin Postal Code:m1 3gw
Admin Phone Ext.:
Admin FAX Ext.:
Tech Name:john mcneish
Tech Street1:flat 3 11a whitworth street
Tech Street2:opal house
Tech Postal Code:m1 3gw
Tech Phone Ext.:
Tech FAX Ext.:
John McNeish? So why is his email address firstname.lastname@example.org then? Probably because this is really Gary McNeish who has been involved in offshore SMS spamming before.
So, is Gary McNeish responsible for the ppinomore.com SMS spam? It could just be a coincidence that a server stuffed with dodgy finance and marketing sites contains both a site belonging to Gary McNeish and these ppinomore.com scammers, after all there's no indication that this is actually Gary McNeish's server, just that he has a site on it.
Still, hopefully the recently announced ICO crackdown on SMS spammers might have a positive effect.
Here is another link between ppinomore.com and Gary McNeish's myppi.org - if you search for the text "ppinomore is a marketing agent. Our partners are regulated by the Ministry of Justice" on Google, it also appears on myppi.org:
Funnily enough, the content for myppi.org has changed to some search engine called "Yadoo" since it was indexed by Google. It must just be a coincidence that the ppinomore text appeared on Mr McNeish's site, yes?
The following numbers also seem to be in use for this spam:
Please add any more in the comments, thanks!