on 01-08-2024 16:35
Logged in, to check balance then looked at add balance payments and immediatly my malware detection program found cdn.polyfill.io code trying to inject itself into my browser JS . seems your website has a problem - The JavaScript CDN service Polyfill.io is being used for spreading malicious code redirecting users to third-party websites
on 01-08-2024 16:43
on 01-08-2024 16:43
on 01-08-2024 17:25
I went the Contact us route to see if I could send an email about the malware detection however the only Help and Support links are about accounts, devices and contracts nothing about the website itself, So I tried with asking a virtual assistant which brought me to a screen where it said start a discussion which brought me here. So I take it that theres no way to report this - other than here?
on 01-08-2024 17:54
on 01-08-2024 17:54
@Kreba All ways to contact O2 can be found here: How to find help & contact O2: A Guide - O2 Community
I don't know how much good that will do to help you.
on 01-08-2024 17:57
on 01-08-2024 17:57
contact o2 on 0344 809 0202
on 01-08-2024 18:07
Took some digging, after many redirects and rabbit holes I've found the CyberSecReport@o2.com and posted there, Whether it would help or fix anything, I don't feel safe going to the top up page anymore from news articles from just a few months back shows the Polyfill-io supply chain attacks affecting payment sites I'll just top via voucher instead.
on 01-08-2024 18:14
on 01-08-2024 18:14
A bit of background on this particular threat, for info:
https://blog.redsift.com/news/understanding-the-polyfill-io-domain-attack/
on 02-08-2024 09:48
on 02-08-2024 09:48
Thanks all, I've raised this with one of our security teams to investigate. I'll let you know if we need any further information in the meantime.
on 02-08-2024 10:48
on 02-08-2024 10:48
02-08-2024 12:18 - edited 02-08-2024 12:23
02-08-2024 12:18 - edited 02-08-2024 12:23
@Kei-M_O2 Site URL - myo2payg.o2.co.uk - detection program found a redirect script from cdn.polyfill io - It's the top up page so https://myo2payg.o2.co.uk/webtopup/details?journey=signedIn&disambiguation_id=a926f33b-cf9b-44f0-bf5...