Action Fraud the UK’s national fraud and cyber reporting centre has warned about an E-mail phishing attack which contains messages from ‘02’ and ‘Vodafone’ telling you to ‘Pay your Monthly Bill in Full’.
The E-mails sent out on a large scale try to convince you that you have a large bill outstanding and it will be taken from your account shortly. The E-mails which can be viewed below then provide a link which claims to direct you to your account. It is extremely important that you do not click the link. Action Fraud has stated that the malicious links will likely contain Emotet banking malware, which will look to get your bank account details.
— Action Fraud (@actionfrauduk) April 11, 2017
There are a few different examples of the E-mail going around, but there are a few easy mistakes that you can spot and look out for to check the validity of the E-mails.
As you can see in the above image there is extremely poor grammar in the E-mails. If you hover over the malicious link you can also see that it is directing to a rogue website which has nothing to do with either of the two phone companies;
Finally, the E-mail sender has no link to 02. Always double check who is sending the E-mail and their address;
Even people who aren’t with either of the mobile telecoms giants have been receiving the malicious E-mails. Both 02 and Vodafone have told people to forward any suspicious E-mails to their dedicated phishing accounts; firstname.lastname@example.org
02 Phishing E-mail – email@example.com
Vodaphone Phishing E-mail – firstname.lastname@example.org
It is exceedingly rare that companies this size will ever resort to E-mail to ask you for payment details. If you have any questions, contact them directly via their office websites or telephone numbers. Never click links that have been sent in E-mails.
Have you been subject to a phishing scam? Let us know down in the comments below, and we’ll create an article to alert people.