Beware of 'Three Mobile' Phishing Scams That Extract Credit Card Details and Passwords

Hutchison 3G UK Ltd., better known as Three UK, is a British telecommunications company that has been in business since 2003. In 17 years, the company has earned the trust of 8.8 million active customers, and it is in the top 10 telecom companies in the UK. Unfortunately, even trusted and popular brands can lose customers if their reputations are tarnished. That is not necessarily the main goal behind the scams we discuss in this report, but that can be the effect. One of the more recent Three-related scams involves a misleading message claiming that your latest bill payment could not be processed and that you need to update extremely sensitive information. From now on, we refer to it as the online@three.co.uk scam. If you continue reading, you will learn about other scams that have been exploiting Three UK, as well as what to do if you are fooled by phishing scams.

The devious online@three.co.uk scam was set up to extract personal data

If you are a customer of Three UK, are you used to receiving emails from the company? If you are, you might not blink an eye at the online@three.co.uk scam email that comes your way. The Cofense Phishing Defense Center discovered and analyzed the scam, and they found that the attackers behind it were able to discover that three.co.uk did not block the sender (IP 86.47.56.231) from sending emails using the online@three.co.uk email address. The researchers believe that this could have happened if the company tried to circumvent (Sender Policy Framework) policies that could prevent legitimate emails from coming through. That means that the potential targets of the scam were left to their own devices when uncovering this particular scam. That being said, recognizing the online@three.co.uk scam as an actual scam should not be that hard. The title of the email is “3G Your mobile services Your Account,” and the message declares this:

Your Latest bill payment could not be processed by your bank.
Access to your mobile services will be suspended.
Download the attachment form to amend your billing information.
Your sincerely,
3G Customer Services.

This message is believable enough to fool less vigilant customers. However, if you do not use 3G services, it should be clear that you have faced a scam email. If you are a real customer, the first thing you need to do is contact the service provider. Click HERE to learn about the different ways you can contact Three and ask them if the latest bill payment could not be processed. Of course, contacting any company is a hassle, and it might seem easier to just click the “RGUK.html” attachment and see what is going on. That is a mistake. If you open this attachment, you are shown a fake form that asks to disclose your Mobile/device number, Password, Full name, Address, Date of birth, Mother’s maiden name, Mobile number, Card number, Expiration date, Security code, Account number, and Sort code. Hopefully, you recognize the scam right away and close the fake form immediately. If you have disclosed personal information, the attackers behind the online@three.co.uk scam could perform identity theft, hijack accounts, and steal money from you.

Three has been fighting Smishing and Wangiri attacks for years

In 2018, Three UK saw a wave of phishing attacks targeted at its customers and, undoubtedly, this was not the first one to hit the company. Smishing stands for SMS Phishing, and that involves bogus, misleading text messages set up to extract sensitive information. Just like the online@three.co.uk scam, a smishing scam can be used to gather names, addresses, phone numbers, secret information (e.g., mother’s maiden name), and payment card information. For the most part, phishing texts are more obvious than phishing emails, and most receivers of such texts are likely to recognize being scammed immediately. Without a doubt, if you receive a funny text message, you must not respond to it or click links embedded within it. That being said, you should not ignore such a text message completely. Three asks to forward it to 7726. The company also has some guidelines for recognizing smishing.

Three is also sensitive about Wangiri attacks, which are dropped calls set up to lure people into calling back. If you do, you are likely to be charged for premium rate services, which could cost you a small fortune. The company claims to have implemented “an intelligence system that actively monitors for fake numbers.” If you find a missed call from an unknown number – especially if it is from an international number – Three asks you to text CALL to 7726 and forward the suspicious phone number via text so that further investigation could be conducted.

Phishing victims can lose money

Whether you are a victim of the online@three.co.uk scam, a phone-call scam (schemers can impersonate Three operators), or a smishing scam, you need to be very cautious about how you handle the situation. If you choose to hide under a rock, pretending that nothing bad happened, you could soon find yourself in a very messy situation. For example, thisismoney.co.uk shared a story of Mrs. L, who claimed that someone took out a phone contract in her name, due to which, she was then threatened by a credit recovery company. They demanded a payment of £360, and when she refused to pay, her credit score started declining. According to Three, this could have happened only if the victim had disclosed personal information. The investigation – which, fortunately, resulted in account’s closing and full annulment of the payment – revealed that the account was set up online. That means that no identification was required.

So, if you do not want to relive the experiences of Mrs. L, it is important that you take care of your security in case someone manages to extract sensitive, personal information from you. First and foremost, you must change your password to secure your online account. And do not recycle a different password you use, or add an additional number or letter to the old password. Instead, we advise that you generate a strong, complex password using Cyclonis Password Manager's password generator that no attacker will be able to guess. Afterward, contact Three and your bank to warn them about the scam. They will instruct you to take specific actions to secure your funds and your own privacy. In the future, critically assess every email, SMS message, and call that you receive from someone introducing themselves as Three UK.

By Foley
July 1, 2020
Computer Security
July 1, 2020
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

Schemers Hide Behind SharePoint to Expose Victims to Phishing Scams

We've often said on these pages that in technical terms, phishing is the simplest form of cybercrime. Even so, pulling off a successful phishing attack still requires some preparation, especially if the crooks are... Read more

September 13, 2019
Phishing

A Citibank Phishing Scam Attempts to Extract Personal Information

Yet another phishing scam targeting Citibank customers was doing the rounds recently. It was discovered by a researcher going by the Twitter handle MalwareHunterTeam, and other cybersecurity sources also reported on... Read more

January 24, 2020
Computer Security

'I Got Phished' Promises to Notify the Victims of Phishing Scams

If most of your work tasks are performed online, you probably encounter phishing emails from time to time. Everyone knows (at least in theory) that they need to avoid phishing, but sometimes it is hard to tell... Read more

March 30, 2020
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.