Solved: PHISHING TEXT

Anonymous · ‎29-12-2016

I've just received a text today from BILLING and it looked convincing. It addressed me by my Christian name and said the following :

"Hey T***,
We're having issues verifying your account details.
To avoid your services being terminated, please click below.

https://www.my-02.co.uk"

The giveaway was that it used 02 instead of O2. Can anyone help me confirm this?

Many thanks

Toby · ‎03-01-2017

Hi guys,

We are investigating this text and if anyone ever feels that communication they receive from us seems a little odd, please do take a look at the page below and follow the right steps as soon as possible:

http://www.o2.co.uk/help/safety-and-security/fraud-and-phishing-advice

Fancy writing a great device review or O2 forum guide? Send me a message!

Get involved:
• New to the community? This is how you get help.
• Want to know who we are? Come and say hi to us.
• Want to have a chat? Drop me a direct message.

Anonymous · ‎29-12-2016

Yes we have had another 2 the same here this evening. Do not click on the link. Forward it to 7726 as spam

@Toby @Martin-O2 this is the third one today

Bambino · ‎29-12-2016

It seems that this phishing text is now doing the rounds. Only three have come here today to query it, but you have to wonder how many customers have fallen for it and have had their accounts compromised? How have they gotten hold of customer's names and numbers? O2 needs to investigate this asap. This could turn into a serious breach of security.

I DO NOT WORK FOR O2

Anonymous · ‎29-12-2016

O2 selling marketing details again likely & the wrong person has got their hands on the list

madasaf1sh · ‎30-12-2016

@Anonymous wrote:
O2 selling marketing details again likely & the wrong person has got their hands on the list

Evidence please, as this would be a major breach by one of o2's partners!!! And a serious accusation.

More than likely someone downloading the mobile ranges and trying every combination, and getting lucky with names, hackers and phasing attacks aren't sophiscated

The domain belongs to a Rob Flem, and uses namecheaphosting.com for dns

Domain was registered on 28th Dec for 1 year by Enom
@Toby @Martin-O2think this is one for your Security Team / legal team

--
iPhone 16 Pro Max - o2 and Spusu
Xperia 1V - Spusu

--
This is not customer services and we dont have access to your account
I do not work for o2 or any VMo2 /Telefonica/Liberty Global Company

MI5 · ‎30-12-2016

Many of us have evidence of out details being sold on against our will and O2 have been challenged about it in the past.
We are a small section of customers too so we've no doubt it happens on a large scale.

I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.

Cleoriff · ‎30-12-2016

Yes of course a lot of this happened when O2 redesigned My O2 and suddenly reset our marketing preferences without our knowledge. Those of us who had opted out of marketing...suddenly found we were opted back in to receive all and anything.

Veritas Numquam Perit

MI5 · ‎30-12-2016

Add to that, I've found out it resets in o2's favour if you add another contract to your account too.

I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.

madasaf1sh · ‎30-12-2016

Have you complained to the ICO / or to the o2 Data Protection Officer? about this breach / resetting of marketing preferences?

You can report o2 to the ICO at the bottom of this page , its called a Section 55, Unlawful use of personal data?

https://ico.org.uk/concerns/

Or send them the template letter here:
https://ico.org.uk/for-the-public/raising-concerns/

In relation to these Phishing attacks its not difficult to get a list of peoples names and phone numbers where they have been used on sites such as Yahoo, or Tesco Bank etc which have subject to data leakage and then to correlate them to a network, setup a fake page and get the information and then signup to a mass sms gateway, set a fake number and then send texts.. id say 6hrs work.. then say 5minutes after first text to have some guilible fool, enter there o2 username and password say its failed by store the entry in plain text on a webserver, then you have their bank details, phone number address, a hackers dream...

See you dont need any information from o2 at all..

Any way its for o2 and the police to take action against the people and the webhosts responsible for this phishing attack...

--
iPhone 16 Pro Max - o2 and Spusu
Xperia 1V - Spusu

--
This is not customer services and we dont have access to your account
I do not work for o2 or any VMo2 /Telefonica/Liberty Global Company

Cleoriff · ‎30-12-2016

@MI5 wrote:
Add to that, I've found out it resets in o2's favour if you add another contract to your account too.

Mmmmmm...thanks for that. I haven't added another contract but yesterday I upgraded to a new one....so off to check that out now!

Veritas Numquam Perit