Issue 149 - March 2013 (1st Edition) - Page 11
O2 Shop 'View Bill Online' Phishing Scam
Email purporting to be from UK based service provider O2, claims that recipients can open an attached file to view their bill online.
The message is not from O2. Instead the email is a phishing scam designed to trick recipients into submitting their O2 account details and other personal information to cybercriminals.
From: O2 Shop
Subject: Your bill (£204.00)
Our system shows your bill of £204.00 is due and ready to view online. This might be an
error from our server and you will be required to update your details again. Please download the document attached to this email and confirm your recent bill.
Our customer service team.
This email is sent from O2 Uk Limited.
Registered office: 260 Bath Road, Slough, Berkshire, SL1 4DX.
Registered number: 1743099.
Copyright © 1999-2013 O2 Shop. All rights reserved.
This email, which claims to be from UK based telecommunications provider O2, informs recipients that their bill is due and available for viewing online. The message also claims that users must update their details in case the server has made an error. Recipients are instructed to download an attached file to confirm the supposed bill.
However, the message is certainly not from O2 and the attached file does not contain a bill. Those who do open the attached file will be presented with a web form that asks them to provide their O2 account username and password along with other personal information. The bogus form is constructed so that it closely resembles a genuine O2 webpage. To further disguise their nefarious intentions, the scammers have included secondary links on the form that go to the genuine O2 website.
All information submitted via the fake form
will be collected by criminals and subsequently used to hijack the victim's real O2 account.
No legitimate organization is ever likely to request users to provide sensitive information such as usernames and passwords via an unsecure email attachment. It is always safest to login to your online accounts by entering the company address into your browser address bar rather than by following an email link or opening an attachment. If one of these scam emails comes your way, do not open any attachments or click any links that it may contain.
O2 has published information about such phishing scams
on its website, including how to submit examples of scam emails that you may have received.
Phishing continues to be a major form of online fraud and gains new victims all around the world every day. Beware
of any unsolicited messages that claim that you are required to follow a link or open an attached file to submit private account information. You can learn more about phishing scams here
Last updated: February 16, 2013
First published: February 16, 2013
Written by Brett M. Christensen
Pages in this issue:
- Lakeside Attempted Abduction Warning
- The Tale of the Racist Airline Passenger
- Circulating Post Claims US Charity CEO's Overpaid
- Bogus Warning - 'Talking Angela' Threat to Children
- WhatsApp 'Servers Really Full' Hoax
- Contact Lens BBQ Warning Hoax
- Facebook Hoax - Pay to become Gold Member or All Your Documents will be Made Public
- Facebook Team Security 2013 Phishing Scam - 'Last Warning - Your Account Will Be Disabled'
- Friend Request Facebook Ban Warning - 'Facebook Jail'
- Will Responding to a Question about Facebook Group Usage Cause Future Posts To Be Censored?
- O2 Shop 'View Bill Online' Phishing Scam
- Images Purporting to Show Jamie Bulger Killer Jon Venables Circulate Online