Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 137 - August 2012 (2nd Edition) - Page 8

Three.co.uk Phishing Scam

Issue 137 Start Menu

Previous Article            Next Article

Outline
Email that appears to originate from mobile phone service provider Three.com.uk claims that the customer's account has been locked and must therefore be reactivated by clicking a link in the message.



Brief Analysis
The message is not from Three and the claim that the user's account has been locked is untrue. In fact, the message is a phishing scam designed to trick recipients into providing their Three account login details to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Last updated: August 10, 2012
First published: August 10, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

From: Three.co.uk
Subject: Account locked


Dear Customer,

Please accept our apology for a recent system up-grade that has affected
some of our customers and you are one of many that has been affected by this
up-grade. This means that you cannot login into your account except you follow
the link below to reactivate your login.

Please do not reply to this message. For questions, please call Customer Service.
We are available 24 hours a day, 7 days a week.

Copyright © 1999-2012 Three.co.uk. All rights reserved.

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.




Detailed Analysis
This email is created so that it appears to originate from phone service provider Three.co.uk. The email claims that the recipient is one of many Three customers that have had their account locked due to a recent system upgrade. The email instructs recipients to click a link in the message in order to log in to the upgraded system and reactivate the account.

However, the email is not from Three and customers have not been locked out as claimed. The message is an attempt by online criminals to steal Three account login details. People who are taken in by the trick and click the link will be taken to a fake login webpage designed to resemble the genuine Three website. Login credentials entered on the fake login page will be delivered to the criminals operating the phishing attack. After collecting this information, the criminals can then login to the Three accounts belonging to their victims, steal any personal and financial information that they find and use the accounts to conduct further fraudulent activities. Ironically, once they have gained entry to the compromised accounts, the criminals may really lock out the legitimate users by changing account passwords.

Three has published information about phishing scams on its website.

Phishing is a very common criminal ploy and has been used to target customers of a great many service providers and financial institutions all around the world. The cover stories used by phishing scammers are many and varied. But, as a rule of thumb, be distrustful of any email that informs you that there is some sort of problem with your account and claims that you must click a link or open an attachment in order to resolve the supposed issue. Instead of clicking a link in an email, it is always safer to login into your online accounts by entering the account web address into your web browser's address bar.

Bookmark and Share


References

Three - About phishing
Phishing Scams - Anti-Phishing Information

Previous Article            Next Article

Issue 137 Start Menu

Pages in this issue:
  1. Anti Text-Driving Message - Car Wedged Under Truck Image
  2. Nationwide Phishing Scam Emails
  3. Faux Image - Double Sunset on Mars
  4. Microsoft Cyber-Crime Department Phishing Scam
  5. Does A Photo Depict A Puppy Being Forced to Drink Vodka?
  6. Post Circulating Claims Hotel Made Disabled US Veteran Crawl Down Stairs
  7. AFL vs NRL - Wrongdoings of Australian Members of Parliament Hoax
  8. Three.co.uk Phishing Scam
  9. Another Facebook Sick Baby Hoax - Baby With Brain Cancer
  10. Circulating Opinion Piece - 'Democratic, Republican Liberal-Progressive's Worst Nightmare'
  11. Fake Three (Or Seven) Headed Snake Image
  12. Misleading Health Advice Email - 'Mayo Clinic on Aspirin and Heart Attacks'
  13. Facebook Survey Scam - Free Argos Gift Card
  14. 'Email Deactivation Warning' Phishing Scam
  15. Anti-Obama Youtube Video Compiles Multiple Conspiracy Theories
  16. Fake AT&T Bill Emails Point To Malware
  17. Messages Claim Coca Cola to be Banned In Bolivia
  18. 'Free Apple Product' Text Message Survey Scam
  19. Circulating Warning - Facebook May Close Down Animal Rescue Account'
  20. 2012 FIFA World Cup Online Lottery Advance Fee Scam
  21. Email Claiming US Gold Medal Gymnast Gabrielle Douglas Faces Lifetime Ban Used to Spread Malware
  22. Bigpond Security Service Phishing Scam
  23. Wrestling Star John Cena is NOT Dead
  24. Hoax - NASA Predicts Total Blackout of Planet in Dec 2012
  25. Wrestling Star Undertaker is NOT Dead
  26. Colin And Chris Weir Donation Programme Advance Fee Scam
  27. US EPA Regulations Force Power Plant Closures
  28. 'View Facebook Followers' Scam Targets Twitter Users
  29. Lloyds TSB 'New Banking Authentication' Phishing Scam
  30. Faux Image - Pilots Protesting Chemtrails
  31. Telstra Bill Account Update Phishing Scam
  32. McDonald's Signboard Supporting Chick-Fil-A
  33. ABSA 'Authorized EFT Payment Received' Phishing Scam
  34. Hoax Picture - Obama Holding Phone Upside Down
  35. 'eBay Item Not Received' Phishing Scam Email
  36. Wells Fargo 'Security Check' Phishing Scam
  37. False Warnings - 'Cleaning out Friends List' Questions on Facebook Contain Viruses or are Posted by Hackers