I wrote this article for my Crime and Courts column on Examiner.com earlier today. Included here is an image of the email received. In one sense, this is a testament to the interconnectedness of the Internet. There are three different countries involved in this scam, but the bottom line is that it’s still just plain old fraud.
The latest target in an email phishing scam is British telecom provider Telefonica UK Limited. The email is identified as coming from “O2 Shop,” the online store operated by O2, but really comes from a fraudster using a US hosting service for the domain and a Kazakhstan email service to handle the email.
The email content reads:
Dear User,
You can now check the progress of your account at My O2. Just go to www.o2.co.uk/O2_security_update.html and enter your username and password. If you’ve forgotten these, we can send you a reminder here too. Once you’ve signed in, go to My account and follow the instructions.
Regards,
O2 Customer Service
For this article, Kathleen McMahon, an Internet security expert, described how these types of scams operate. “Fraudsters play a volume game with phishing email campaigns – the more they send out, the higher the chances some percentage of those receiving the email will believe it is a legitimate email. And then a smaller percentage of those users will actually act on the email, revealing their password or other personal information.”
Using this email as an example, here are a few tips to help spot fraud attempts when you receive them.
- This was sent to an email address scraped from the web, not to O2 customers. This means anyone with a website that includes an email link could receive this email. In this case, the email was handled by a Kazakhstan domain company at hhost.com.
- The generic salutation of “Dear User” is a red flag.
- Like most legitimate companies, O2 has a policy of not sending customers unsolicited emails asking them to update their personal information.
- The link that the email says will take you to an update page does go to an update page, but it’s really a phishing site run by fraudsters.
The provided link goes to a site on the domain burenergo.com, which is hosted by a reputable domain hosting service, Bluehost.com. When contacted, a Bluehost representative asked that the email be forwarded to their Terms of Service Department and stated that they have a team dedicated to dealing with phishing emails.
Internet security experts such as McMahon hope to someday eradicate online fraud. She also commented on the cost to consumers and said, “The dollar losses are staggering.”
Learn more about Internet fraud on McMahon’s education blog at www.ktmobooks.com. Or, visit the Internet Crime Complaint Center (IC3) website at ic3.gov. You can also view an image of the actual email received on terryambrose.com.
Terry Ambrose (terryambrose.com) is a mystery author with an interest in scams and cons. Find him on Facebook or follow him on Twitter. His debut mystery, Photo Finish, is about a hot Honolulu con. Trouble in paradise never looked so good.