14 DAY TRIAL // Cybercriminals are busy these days sending out spam emails that appear to come from Telefónica UK, the British telecoms company better known as O2.
The bogus emails, spotted by millersmiles.co.uk, are entitled “Spring Promotion O2” and they inform recipients that they can receive a significant bonus if they recharge their prepaid cards.
The poorly-written emails look something like this:
“Promotions Reload now your sim O2 of 10.00£, you will receive another 30£ on your phone for FREE, RECHARGE YOUR PHONE WITH £10.00, NE GET BEN 40! ACCESS TO SERVICE. All amounts are inclusive of VAT. By activating the service you agree to the Terms and Conditions relating to O2.
To know the latest news of the offer O2 and commercial information, call him. The advertising information shown in this website are intended solely for dissemination via the Internet.”
The link contained in the emails doesn’t point to the legitimate O2 website, but to a compromised site that hosts a phishing page.
The cleverly-designed page requests victims to provide their O2 phone number, the amount of money they want to charge, their credit card number, its expiry date, and CVV.
Once the “charge your phone” button is clicked, the victim is directed to another site which requests the O2 account password. After the password is provided, the victim is taken to o2.co.uk, the company’s legitimate site.
To make everything more legitimate-looking, MasterCard SecureCode and Verified by Visa logos are displayed. In addition, all the links from the phishing website, except for the “charge your phone” button, point to the genuine O2 site.
For the time being, the website that hosts the phishing page is not blocked by antivirus solutions or by browsers, so users who don’t notice that the site is not o2.co.uk might end up handing over their financial details to cybercrooks.
If you already fell for it and provided your information, contact your credit card issuer immediately. Also, be sure to change your passwords.
