Action Fraud wants the public to be vigilant
Action Fraud – the UK’s national fraud and cyber crime reporting centre – said it had received “lots” of reports about fake, personalised O2 and Vodafone emails, which likely contain the Emotet banking malware.
Customers who have received the emails are warned not to click any links.
The emails are said to look official and legitimate at first glance.
The simple steps YOU need to take to avoid being hacked in an online scam Mon, April 10, 2017
MAKE sure you are protected against the latest online attacks by following these simple steps.
EXPRESS NEWSPAPERS • GETTY 1 of 13
Ensure you're protected against online attacks by following these steps
However, on closer inspection, they are littered with typos, grammatical errors and bad English – all of which would never be in an official email.
One email from O2, for example, says: “Now you have your bill for 06/04/17 been ready. This month you have £232.98 for payment. We will take it away from your account at the payment day, or a bit after.”
The Vodafone bill says: “Your latest Vodafone bill is ready for you to receive it online.”
O2 customers have fallen victim to the scam emails
Customers who receive suspicious messages – either by email or text – are encouraged to look closely at the contents for any red flags.
The email links contain malware that is automatically downloaded the minute the link is clicked, and is designed to steal bank account details by intercepting outgoing network traffic.
Get Quotes on Home Insurance
Once installed, it infects the device and attempts to steal sensitive information from victims.
Vodafone customers have also been targeted by the scam
Recipients of the dodgy emails have been flagging them on social media, pointing out the grammatical errors and mistakes.
A spokesman for O2 said: “If anyone receives an email they suspect is a phishing scam they should not click on any of the links within it.
“At O2, customers can forward any such emails to firstname.lastname@example.org so we can investigate and take action.”
Emails are said to look official at first glance
Suspicious emails will often contain a number of red flags. These can include attachments or prompts to install software to your device, or be littered with grammatical errors.
Users are also told to look out for forged (or spoofed) email addresses that make it look like the email is coming from an official site, and reminded that official emails will never ask for your password or any other personal information.
If you’ve been a victim of fraud, report it to Action Fraud by calling 0300 123 2040.