Vodafone System Update Phishing Scam
Email purporting to be from phone service provider Vodafone claims that, due to a new system update, customers must click a link to login and confirm their email address.
The email is not from Vodafone. It is a phishing scam designed to trick users into giving their Vodafone account login details to fraudsters. Criminals can use the stolen login credentials to hijack Vodafone accounts, harvest sensitive personal and financial information stored within, and use the accounts for their own nefarious purposes.
Managing your Vodafone account online.
Thank you for updating your personal details.
We are happy to inform you about our new system update:
To complete this change, please confirm your email address by clicking here www.vodafone.co.uk/security/new_security.html and entering your username and password.
If you have any queries regarding the above, please visit our Help Centre.
If you have any further queries regarding your order, please contact us:
by contacting our support team
by visiting our help centre
by calling customer support on 191 from your Vodafone phone
If you don't have a Vodafone phone, call 08700 700 191 for pay monthly, 08080 600 802 for business, or 08700 776 655 for pay as you go.
Welcome to my account
Since you've registered for My account, you can login any time you like. It makes managing your mobile phone and devices as easy as pie.
There are loads of things you can do through My account - like checking your call costs, paying your bills online and topping up your phone. And you'll get all the benefits of Vodafone VIP - with access to some of Britain's best events.
Complete your registration
Please confirm your email address by clicking this link and entering your user name and password. It only takes a few seconds. And that way, we'll know any emails we send you are going to the right place.
Any questions? Just go to our help centre.
Vodafone Customer Services
This email, which purports to be from popular phone service provider Vodafone, reports that the company has updated its systems and customers are therefore required to confirm account details by clicking a link in the message.
However, the message is not from Vodafone. It is an attempt by Internet fraudsters to extract account login details from unsuspecting Vodafone customers.
Those who click the link will be taken to a bogus web page designed to look like the genuine Vodafone website
and asked to enter their username and password to login to the "updated" system. After they have entered their login details on the fake website, they will be taken to a second web page that thanks them for updating their account details and invites them to click a "Proceed" button.
Clicking the button redirects victims to the genuine Vodafone website.
Meanwhile, the login details input on the fake site will be collected by the scammers.
Armed with this stolen information, the scammers
can then gain access to the compromised Vodafone accounts at will. Once there, they can harvest personal and financial information stored in the accounts and use it to commit fraud and identity theft.
of this nature are a regular occurrence and target customers of many different financial institutions and service providers all around the world. Be very cautious of any unsolicited email that talks of a system update and instructs users to click a link or open an attached file to confirm account details. This is a common scammer tactic. It is always best to access your online accounts by entering the account address into your browser's address bar rather than by clicking a link in an email.
Last updated: June 28, 2013
First published: June 4, 2013
By Brett M. Christensen