Three Mobile users should be on high alert for a convincing email scam that claims to be from the UK mobile network. According to the team at the Cofense Phishing Defence Center (PDC), this new attack is designed to fool unsuspecting customers into handing over names and even bank details.
The message, which has begun dropping into inboxes across the UK, is designed to look like it has been sent from an official Three account. Once opened, the message warns that the mobile network is struggling to process a payment, stating: “Your latest bill payment could not be processed by your bank. Access your mobile service will be suspended. Download the attachment form to amend your billing information.”
The attached file then takes users to a fake website where it then requests vital information such as login credentials, personal information and credit card details.
PDC says the source code indicates this is a clone of actual Three html code, re-appropriated for malicious purposes; for instance, styling elements are pulled from Three website – making them much more convincing than some other scam campaigns. Additionally, all the options in 3GUK direct users to the legitimate relevant Three page so that, for example, if one clicks on “iPhone 11” under the Popular Phones section at the bottom, the end user is redirected to the real Three iPhone 11 page.
These are clever tactics from the scammers to try and make this look as real as possible.
Those who are tricked could end up handing over vital information which could lead to serious financial losses. So this threat is well worth taking note of.
If you’re worried about any scams it’s worth following this advice from Three who say they will never email customers requesting information such as user names, passwords or bank details.
Top tips to avoid getting scammed
• Never give out any passwords to anyone, over the phone, in person, online or via email.
• Your bank, network provider and many other companies that handle your money will usually ask you to enter select characters of a password or login number. If you’re asked for your full password or login number by one of these companies, it’s almost certainly a phishing scam, and you should contact your bank or network provider immediately.
• Never click on links in emails or texts that ask you to sign in to your account. Close the email and go directly to the company’s website.
• Install good virus protection on your personal computer. You can buy trusted anti-virus software from companies like McAfee and Norton, or you can download free software from well-respected places, such as Avast and Kaspersky. Make sure you research the software you choose.
• Make sure you’re visiting secure websites. You can look for the padlock icon in the address bar to check if a website is secure.
• Remember, grammar and spelling are important to respectable companies like your internet or network provider and your bank, so if something reads really badly, it’s probably a scam.
• Your bank, phone provider and money management companies know you. They’ll address you by name.
• If you’re worried about the security of your personal details, you can find out more on our Fraud and Security page. Keep your details protected, stay safe online, and stay connected.
Published at Thu, 26 Mar 2020 09:00:00 +0000