Tag Archive | phishing

Phone text – free calls offer?

Phone Text phishing scams are nothing new in the recent years, but they are just not so common, like e-mail scams are. You know those Millions winning offers, bank details request to transfer gadzillions of dolars from some princess in some country, and many others. Funny ones or sometimes even very convincing one.  Recently we have received screenshots from our colleges in Ireland for a phishing scam targeting O2 provider customers via text message.

Message is simple:

O2 phone scam

If you are not many of us – click at what ever shows up on the screen, than you will notice what’s wrong with the message: The link is not to O2 page, which is o2.co.uk or o2.ie but it’s to o2upgrades.org

ORG domain is purposely for organization with non-profit character. So deferentially not O2.

If you click at the link you are redirected to:

O2 Scam messageAnd here is exactly what we expected – phishing page where you enter your Mobile number and password. Therefore exposing your account details.

We have entered fictive details in to the form, and what happens next is that we are redirected after to legitimate O2 website login page:

O2 web

And this is what most user are not aware of. For that split of second you have entered your login details on the page 2 and pressed submit, your records were written to someones database, and than you are passed to the legitimate O2 website. You think, hm… maybe I did enter it wrong. If yo did it right, you have just gave your details to some cyber criminal who can pass your details further, sell it on the black market or even use it himself. You are now on the legitimate O2 website login page, but no sign about the special offer. Why? Because it never existed. That was the whole phishing scam – phishing because  what it means – to lure you somewhere where you would enter your login details so they get recorded for someone, somewhere for some purpose.

Be aware: if something looks as a very good offer, and it’s sent straight to you, stop, and think. In most cases it’s a scam. And if you are not sure, why not to ring the sender to make sure that the message is legitimate?

And in case you fell for the scam, just change your login details immediately.


Prepared by K7 Computing UK and K7 Computing Ireland.