O2 customers hit by phishing scams

Internet scam

The network problems that blighted thousands of O2 customers across the UK this week appear to have inspired hackers to try and steal their account login details.

An IT Pro reader passed on an email they received on Thursday morning, apparently sent out by The O2 Team, updating them about the latest twist in the firm's network outage.

Oddly, the reader who sent the email in is not an O2 account holder.

At the end of the email, recipients are then advised via a poorly written message to visit a URL to update their O2 account information for security purposes.

"As part of ongoing upgrade, We (sic) have introduced a new internet security into our online services to protect all our users (sic) information. We endeavour all our user's (sic) to protect their account by clicking on the link below," it states.

When you click on the link, users are directed to an "O2 Security Update" account login page.

They often choose to strike when your guard is most likely to be down.

If you leave the boxes blank and press return, a "thank you for updating your account" message appears, before re-directing users to another O2 login page.

According to several web domain registration sites IT Pro checked, the O2 Security Update site was registered just over a fortnight ago in China, casting doubts on its authenticity.

The email address used to direct users to the site was flagged on anti-phishing website, Millersmiles, in May for sending out dubious emails.

In a statement to IT Pro, a spokesperson for O2 confirmed the email and the site are not genuine.

"We haven't sent any emails to customers asking them to enter their account details and clearly we advise customers to make sure they only enter their password on our own website," said the statement.

Speaking to IT Pro, Ian Moyse, security market watcher and sales director at cloud CRM firm Workbooks, said it is not unusual for hackers to seize on high-profile outages to make people fall for their scams.

"They often choose to strike when your guard is most likely to be down, so that you're not thinking about the 'don't click through' mantra," he said.

"In this instance by preying on pained O2 customers who are desperate to be back online."

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.