Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

PHISHING SCAM - 'Virgin Media Quick Pay Profile Update'


Outline

Email purporting to be from Virgin Media claims the company has introduced extra security features and users must therefore click a link to upgrade their Quick Pay profile.

Facebook phising
© Depositphotos.com/ payphoto

Brief Analysis

The email is not really from Virgin Media. It is a phishing scam that attempts to trick Virgin Media customers into supplying their account login details and other personal and financial information via a fraudulent website.

Example

Subject: Virgin Media Update

Dear Customer,

In our constant effort to improve your experience of our services, We've introduced extra security and more features with Virgin Media Quick Pay profile! Virgin Media Quick Pay profile is an upgrade to your existing Quick Pay account. Please complet your profile update here. Thank you for helping us serve you better

Yours sincerely,
The Virgin Media Team.

Virgin Media Update Phsing Scam


Detailed Analysis

According to this email, which purports to be from Virgin Media, extra security and other new features have been introduced to the company's 'Quick Pay' system in an effort to improve user experience. Therefore, claims the message, Virgin Media customers must update their Quick Pay profile by clicking a link. The email includes the Virgin Media logo.

However, the email is not from Virgin Media and customers are not required to click a link and update profile details as claimed. Instead, the email is a phishing scam designed to steal login details and other personal information from Virgin Media customers.

Those who believe the false claims in the message and click the link as instructed will be taken to a fake website that contains a login screen. To make the claims seem more legitimate, the fake website features the Virgin Media logo and colour scheme and includes secondary links that lead back to the genuine Virgin Media website.

After users provide their account login details on the fake web page, they will be taken to a second fake page that asks for their credit card details and contact information.

All of the information supplied on the fake site can be harvested by scammers and used to hijack user accounts and commit credit card fraud.

The 'account update' ruse is a very common phishing technique. Genuine service providers are unlikely to send you a generic and unsolicited email claiming that you must click a link to update account details. If you receive such an email, do not click any links or open any attachments that it contains. It is always safest to login to your online accounts by entering the account address into your browser's address bar rather than by clicking a link in an email.



Last updated: May 5, 2014
First published: May 5, 2014
Written by Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information