Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Vodafone System Update Phishing Scam


Outline

Email purporting to be from phone service provider Vodafone claims that, due to a new system update, customers must click a link to login and confirm their email address.

Vodafone Logo
© Depositphotos.com/RSBDesign

Brief Analysis

The email is not from Vodafone. It is a phishing scam designed to trick users into giving their Vodafone account login details to fraudsters. Criminals can use the stolen login credentials to hijack Vodafone accounts, harvest sensitive personal and financial information stored within, and use the accounts for their own nefarious purposes.

Examples

Dear Customer,

Managing your Vodafone account online;

Due to our recent essential system upgrades we request all our customers to update there online Account to our newly secured and safe update

Thank you for updating your Vodafone online account.

To complete this change, please confirm your email address by clicking here and entering your username and password.

If you have any queries regarding the above, please visit our Help Centre.

Yours sincerely,
Vodafone Customer Services

Dear Customer,

Managing your Vodafone account online.

Thank you for updating your personal details.
We are happy to inform you about our new system update:

To complete this change, please confirm your email address by clicking here www.vodafone.co.uk/security/new_security.html and entering your username and password.

If you have any queries regarding the above, please visit our Help Centre.

Need help?
If you have any further queries regarding your order, please contact us:
by contacting our support team
by visiting our help centre
by calling customer support on 191 from your Vodafone phone
If you don't have a Vodafone phone, call 08700 700 191 for pay monthly, 08080 600 802 for business, or 08700 776 655 for pay as you go.

Thank you,

Vodafone




Vodafone System Update Scam

Welcome to my account

Dear Customer,

Since you've registered for My account, you can login any time you like. It makes managing your mobile phone and devices as easy as pie.

There are loads of things you can do through My account - like checking your call costs, paying your bills online and topping up your phone. And you'll get all the benefits of Vodafone VIP - with access to some of Britain's best events.
Complete your registration

Please confirm your email address by clicking this link and entering your user name and password. It only takes a few seconds. And that way, we'll know any emails we send you are going to the right place.

Any questions? Just go to our help centre.

Best wishes,
Vodafone Customer Services

Vodafone scam


Detailed Analysis

his email, which purports to be from popular phone service provider Vodafone, reports that the company has updated its systems and customers are therefore required to confirm account details by clicking a link in the message.

However, the message is not from Vodafone. It is an attempt by Internet fraudsters to extract account login details from unsuspecting Vodafone customers.

Those who click the link will be taken to a bogus web page designed to look like the genuine Vodafone website and asked to enter their username and password to login to the "updated" system. After they have entered their login details on the fake website, they will be taken to a second web page that thanks them for updating their account details and invites them to click a "Proceed" button.

Clicking the button redirects victims to the genuine Vodafone website. Meanwhile, the login details input on the fake site will be collected by the scammers.

Armed with this stolen information, the scammers can then gain access to the compromised Vodafone accounts at will. Once there, they can harvest personal and financial information stored in the accounts and use it to commit fraud and identity theft.

Phishing attacks of this nature are a regular occurrence and target customers of many different financial institutions and service providers all around the world. Be very cautious of any unsolicited email that talks of a system update and instructs users to click a link or open an attached file to confirm account details. This is a common scammer tactic. It is always best to access your online accounts by entering the account address into your browser's address bar rather than by clicking a link in an email.



Last updated: August 20, 2014
First published: June 4, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information






Latest Hoax-Slayer Articles