Fake O2 Texts Phish for Victim Credentials

A new text-based scam is making the rounds in the UK. Potential victims of the scam receive fake text messages that pose as official communication from British telecom company O2, asking users to update billing details.

The fake text message claims that your payment details are "incorrect" and urges the victim to update them by tapping on a malicious link contained in the text. The full text of the scam reads:

"O2: Your billing details are incorrect, please update them by going to your O2 account on your desktop or mobile phone."

This is followed by the fake user account link which, of course, we are not going to publish here but will simply mention the domain used ends in .co and not in .co.uk, like the domain that the legitimate O2 website uses.

In response to the spreading phishing scam, O2 set up a dedicated page on their website to warn people against the fraudulent texts and raise awareness of the issue. This sort of low-profile, easily disseminated scam is not the first of its kind. In the middle of summer 2020 a similar fake text was being distributed, claiming that a user payment failed to go through and an update of the user's payment method was needed, accompanied by a similar phishing domain, made to scrape the login credentials and any other info scared victims would willingly provide.

How to Stay Safe from Phishing and Scams?

Phishing is becoming an increasingly common method of scamming people out of their credentials, personal information or even directly their money. Clever social engineering combined with the fraudulent use of popular brand names can do a lot for fraudsters. However, there are a few general rules of thumb that can help you stay safe.

Always check any suspicious text or email thoroughly for any grammar or spelling mistakes. Sometimes bad actors will register a fake domain that just replaces a letter with a number - make sure you don't overlook such fakes. Double-check all URLs and links and never follow any links contained in a message or email that you feel unsure about. Make sure to check the official domain name of any company or organization that allegedly sends you any messages and cross-reference them with the domains used in the message.

Never provide your credentials or personal information in any forms that you open from suspicious messages or emails. Hackers can set up convincing fakes of legitimate login portals and steal your credentials through them.

September 25, 2020

Leave a Reply