Feb 1, 2011 16:08 GMT

Security researchers from GFI Software warn that BT customers are currently being targeted by phishers in attacks that spoof the company's website and try to steal their financial details.

The researchers only analyzed the phishing page, which mimics the BT customer login site and takes users to a fake form to update their billing information.

The form asks for a wealth of financial information, including full credit card details, billing address and bank account number.

After submitting the information, users are told the data will be verified by BT's Billing Department within 24 hours, which of course is just a method of buying time until the victim realizes what happened.

Even though the GFI researchers have not detailed how the fake page is advertised to users, they said it's probably being done via email.

Indeed, a BT email phishing campaign spotted in December matches up with the behavior of this page very well.

According to scam tracking website MillerSmiles.co.uk, the emails purported to come from a [email protected] address and bear a subject of "IMPORTANT: Alert about your billing information on file."

As expected, the phishing email claims the automated billing process failed and asks recipients to go into their account to update their information in order to avoid Internet service being interrupted.

The phishing page displayed in the screenshot provided by MillerSmiles is identical to the one shown by GFI Software in their report.

Email-based attacks directed at BT customers are not something new. Phishing and malware distribution emails abusing the ISP's name go back several years.

The company even maintains a page in its customer help section instructing people on how to report such phishing emails.

Users are advised to always make sure they are on the legitimate website by double-checking the address bar and SSL indicators before providing any kind of personal or financial information.

[Images: Phishers trick BT customers into exposing their financial details; BT phishing page]