cancel
Showing results for 
Search instead for 
Did you mean: 

Suspect vat refund email

Anonymous
Not applicable
Today I receved an email saying "In response to an increase in VAT in the EU and currency changes, and as a result of last week's VAT-related price change, it has come to our attention that between Oct 2012 and Oct 2014 there was a system error which resulted in some of our customers paying the incorrect rate of VAT on some services.

This email had all my personal information, but asked me to follow a link to log into my account, has anyone else seen an email like this? The email looked legitimate, if anyone from O2 monitors this thread, please let me know how to report this.
Message 1 of 374
15,814 Views
373 REPLIES 373

Cleoriff
  • 122371 Posts
  • 824 Topics
  • 7457 Solutions
Registered:

Thanks for posting the link @Anonymous . Welcome to the forum wink

Veritas Numquam Perit

Girl in a jacket
Message 61 of 374
2,656 Views

MI5
Level 94: Supreme
  • 143442 Posts
  • 632 Topics
  • 27490 Solutions
Registered:
Forget internal o2 complaints, it will be pointless.
Everyone who is effected needs to take this external for a proper investigation this time.
I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.

Currently using:
Pixel 7a (O2 & Lyca), One Plus 6 (Sfr), iPhone 12 Pro Max (Vodafone)
Message 62 of 374
2,649 Views

Anonymous
Not applicable
The ICO recommends:
Complain to O2 with the ICO standard letter that is available on their website.
Await a response.
Regardless of that response then report to the ICO.

Importantly they recommend complaining to the O2 data controller (that is free to search for on the ICO register of data controllers on the ICO website). In O2's case this is under the name of Telefonica with the Bath Rd, Slough postal address. I shall be sending them a letter and hard copy evidence of the email over the weekend. I have never allowed O2 to share my data and so this is either non-permitted disclosure or a security breach that falls short of their responsibilities, in my opinion. I would encourage all affected to follow the same ICO recommendations.
Message 63 of 374
2,642 Views

Beenherebefore
Level 32: Blockbuster         
  • 5063 Posts
  • 113 Topics
  • 12 Solutions
Registered:

There's already been an official O2 response a week ago, this incident is just a follow-on from the earlier incident.

 

Report to ICO as soon as possible and copy O2's statement

 

http://community.o2.co.uk/t5/Other-Products-Services/Scam-warning-received-this-email-requests-all-b...

 

"We’ve completed the investigation after reports from some customers about a new phishing scam. This attempt was triggered by a malware.  

 

To explain a little further, if a computer/laptop is compromised, the scammers can put on key loggers and other malware, this can be done when visiting legitimate compromised web sites, clicking on phishing e-mails or using unsecured wireless networks. They can capture keystrokes and screenshots of any systems that a user logs onto.  This information is then used by the scammers in targeted phishing emails and texts to make the user think they are genuinely sent from the originator because it appears to contain accurate information to the user.

 

To conclude, no personal data that may have been used within this phishing scam originated from O2.

 

We have a page on our website where customers can find out more about phishing emails, how to spot them and what they can do if they receive one that claims to be from us: http://www.o2.co.uk/help/everything-else/phishing#qs You can also check out our blog that showcase an example phishing email attempt:http://news.o2.co.uk/2014/05/29/phishing-alert-may-2014/

 

We take the subject of security very seriously and we’re constantly working hard to help prevent fraudulent activity from happening.  Customers who receive an email they suspect is a phishing scam just need to forward it tophishing@o2.com so we can investigate and shut down these scammers.!

"My life is a facsimile of a sham"
Message 64 of 374
2,616 Views

Anonymous
Not applicable
Super post @Beenherebefore. Thank you.

I don't buy it from o2 though for this simple reason. The info in the email includes things that you would normally type into your pc or laptop, namely the puk code and phone serial number.

In my opinion this is an o2 breach that they are trying to hide.
Message 65 of 374
2,612 Views

Anonymous
Not applicable
I've had another response from O2 on Twitter:

@O2: @angelouisemoore We've had reports from other customers who have received similar emails and we're looking into it.

I'll be using the template letter initially and awaiting a response.

Having read all the keylogger info, I'm baffled. I don't think I've ever accessed my account via a computer, only ever on my iPhone.
Message 66 of 374
2,607 Views

MI5
Level 94: Supreme
  • 143442 Posts
  • 632 Topics
  • 27490 Solutions
Registered:

@Anonymous wrote:
Having read all the keylogger info, I'm baffled. I don't think I've ever accessed my account via a computer, only ever on my iPhone.

It's nothing to do with keyloggers......

I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.

Currently using:
Pixel 7a (O2 & Lyca), One Plus 6 (Sfr), iPhone 12 Pro Max (Vodafone)
Message 67 of 374
2,604 Views

jonsie
Level 94: Supreme
  • 92921 Posts
  • 608 Topics
  • 6913 Solutions
Registered:
Poor response initially from o2 especially locking threads and preventing us, concerned customers, from responding.
Key logging cannot get the information in its entirety that is included in the emails. It's an internal problem no doubt.
Message 68 of 374
2,594 Views

Anonymous
Not applicable
Hence my post about damage limitation. Totally agree with both @jonsie and @MI5. I am quite looking forward to my email now cos I WILL go all the way with it.
Message 69 of 374
2,590 Views

jonsie
Level 94: Supreme
  • 92921 Posts
  • 608 Topics
  • 6913 Solutions
Registered:

@Anonymous wrote:
Hence my post about damage limitation. Totally agree with both @jonsie@ and @MI5. I am quite looking forward to my email now cos I WILL go all the way with it.

It's a little  difficult  for  me  to  do  anything over here with just the mobile phone but I will be asking questions on my return in a week or so! 

Message 70 of 374
2,578 Views