“You’ve just run up a £300 quid bill with O2… click here to check out your bill”.
Text like that would have most of us clicking right-away, whilst screaming, “WHAAAAAT???” really loudly.
Sadly, the first link you’re prompted to click on downloads a seriously suspicious zip file to your computer. Nicely done, hackers, nicely done.
My suspicions were aroused when my wife forwarded this on to me asking whether I’d spent a load of cash on an O2 account she didn’t know about. I don’t have an O2 account at the moment.
Second, I immediately spotted the comma in the figure. That’s not the way it’s done in the UK (commas in currencies are usually European or at least Continental).
I had a look at the URL and saw it was pointing to some phishing download. Interestingly, the ‘click here’ link below actually points to the genuine o2.co.uk account management page. Clever.
The language looks pretty genuine too. Have a look:
Hello
Your O2 bill for 03/06/14 is now ready. You can look at your bill here.
In total, your bill for this month comes to £331,27. We’ll request this amount from your chosen account on, or just after, the date in your bill.
Is your bill more than you were expecting ?
If so, here’s a few reasons why this might be:
- You could have gone over the minutes, texts or data that’s in your allowance.
- You could have called or sent texts to numbers that can’t be taken from your allowance such as International, 0800, 0845 numbers or directory enquiries.
- You have used your phone for calls, text or data whilst abroad.
To view any charges outside your allowance click here
Best regards
O2 Billing
This email is sent from Telefónica UK Limited. Registered office:
260 Bath Road,Slough, Berkshire, SL1 4DX. Registered number: 72388.
Please do not reply.
Now then, do take a bit of time to warn anyone in your family (or friends) who might be vulnerable enough to panic at receiving this email and then click and boom, have their computer taken over. Not good.