August 18th 2017
Earlier this month, a senior manager at Get Safe Online received a scam email claiming to come from telecoms giant Vodafone, which we publicised as an alert on our social media feeds. The alert has led to high profile press coverage of the ‘phishing’ email. Here are the details:
The email, shown on this page, begins:
Vodafone bill is ready
Dear Customer,
You can now take a look and manage your latest Vodafone bill for invoice date 02/08/2017.
Your total bill for this month is £ 441.46.
Don’t forget, your line rental is charged a month in advance and calls are charged in arrears.
Click here to view your bill
The high amount quoted – together with the warning about advance charges – is designed to send you into a panic and click on the links, which in reality result in either your device being infected by a type of malware that could steal personal details, or being directed to a cloned version of the Vodafone website which demands that you enter your confidential details.
Tell-tale signs
Get Safe Online Chief Executive Tony Neate said: “This is a very convincing example of a fraudulent email which is, unfortunately, bound to catch a number of unsuspecting victims unawares. However, it does contain several tell-tale signs of a classic scam.
“Start by checking out the sender’s address, which is clearly not a Vodafone email – in this case they haven’t even bothered to clone a more authentic one. It begins with ‘Dear Customer’ instead of your name. And it attempts to panic you into action with the size of the bill, which is considerable by many people's standards.
Tony adds “Apart from anything else, my colleague who received the bill isn’t even a Vodafone customer. The scammers send these emails out by the thousands in the certainly that some will reach real Vodafone account holders. It’s our job at Get Safe Online to make the public and small businesses more aware of the dangers of being caught out by these unscrupulous people and get into good habits which will make their online experience safer and more enjoyable.”
Action Fraud’s Steve Proffitt said: "Fraudsters are increasingly targeting people with very professional looking emails warning that online accounts have been compromised and asking you to click on links to verify your details.
"If you have received one of these fake emails, we are advising people not to follow the links in the email as by logging into your account, you are providing fraudsters with your login details which gives them access to your account.
"Always contact the fraud department of the organisation directly from the contact details you have on your statements or bank card and explain the contents of the email you have received."
