cancel
Showing results for 
Search instead for 
Did you mean: 

Phishing, Smishing & Scams. Latest info & advice.

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:
scam-header.jpg

 

⚠️MAY 2022 UPDATE - Flubot 1.1 / 2.0⚠️

It's been a couple months since our last update, but that doesn't mean these scammers and fraudsters have given up or slowed down - far from it. Scammers are always looking for ways to get unsuspecting users to click on dodgy links, visit fake websites, or dupe you into giving out personal info.

 

'Flubot' looks like it's on the rise again and this time with a twist.

More info

First, a quick recap on how Flubot 1.0 (SMS) works:

  1. You receive a text message containing a link
  2. If you click the link, you're asked to install an app
  3. At this point your phone is now infected with the Flubot malware
  4. Infected phone numbers are added to a central Flubot network and your phone is used to send more texts and infect other users
  5. Flubot can steal banking, contact amd personal info from infected devices

What's changed with Flubot 1.1 / 2.0? It's important to note that Flubot 1.0 is still in circulation and you could be sent one of those, or potentially one of these new ones from Flubot 1.1 / 2.0:

  1. You receive an SMS as before, but the message has changed from being about a missed delivery, to something like "Voice mail message awaiting to be listen", or a variant of it
  2. An MMS is sent to you about a voicemail and if you click the link and become infected, your phone sending infected MMS could result in you being barred by some of our controls and checks, or losing some or all service due to you potentially hitting any spend caps you may have set up

Please remain vigilant when receiving an SMS or MMS. If it's not from someone you know, or a business/company you're familiar with, then be cautious and think twice before opening any links. And even if it is from somebody you know, be cautious of any dubious looking links - it's possible your friends phone could be infected and it sent you one of the links.

View our previous scam and fraud updates at the bottom of this post


Received a suspicious SMS or Email? There's no need to contact us. See below hints and tips for spotting these scams, and what to do with them.

We often see reports from customers who believe that they may be at risk from fraudsters trying to dupe them into sharing their personal information. These types of scams are known as phishing or smishing – a form of fraud which impersonates a company in order to steal sensitive information such as login, bank or other personal details. We’ve pulled together some information to help you identify these scams and keep your information safe.

What is it?
Phishing or Smishing is when fraudsters attempt to get hold of sensitive information such as usernames, passwords or bank details by pretending to be a trustworthy source in emails (Phishing) or texts (Smishing). These scams work by sending you an email or text that looks like it’s from your bank, service provider or other company, usually asking you to visit a fake website that looks real. If at this point you try logging in, or provide any info, fraudsters will attempt to use that info to commit fraud in your name.

What are you looking for?
As with many scams, it begins with an email or text. Some of these may be from scammers pretending to be O2, and may alert you to an unpaid or overdue bill, and will include a link to pay or ‘view your bill’. This messaging is designed to panic recipients into clicking the link to view the bill.

Clicking the link will either direct you to a fake website or in some cases, download Malware to your computer. The most common type of phishing email will direct you to a fake website and ask you to enter your login details.  Malware can be used for a number of things – for example, it could record your keystrokes, enabling fraudsters to piece together even more personal information and login details.

Signs of a Phishing or Smishing Scam
It’s often easy to spot a scam. Be on the lookout for:

  • Spelling mistakes
  • A ‘from’ email address that doesn’t match the company or organisation
  • A text sent from an unfamiliar sender, such as a normal looking mobile number
  • Demands that you take action straight away or risk having your account suspended
  • A generic ‘dear customer’ header
  • Suspect links with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter ‘O’ with the number zero
  • Requests for sensitive data like usernames, passwords, D.O.B etc.

Here are some examples of Phishing emails:

More info

Phishing image

Here are some examples of Smishing texts:

More info

What to do
If you’re suspicious about an email you’ve received and it's pretending to be from O2, please send it onto our team to be looked into. DO NOT click on any links. It’s important that we see examples of phishing emails and websites so we can investigate and shut down scammers. To report a suspicious email or website:

  • Create a new email draft with ‘Phishing’ as the subject
  • Attach the suspicious email
  • Send to spam@o2.com 

To report a suspicious text pretending to be from O2, forward the original message to 7726. You may get an automated response thanking you for the report and giving you further instructions if needed. You will not be charged for sending texts to 7726.

Alternatively, if your phone supports SPAM reporting (currently available if you have an Android device using the Google Messenger App, but others will be available soon), then press the SPAM button to automatically forward the message to 7726.

point_right For more info about phishing from our support pages, click HERE.
point_right For more info and advice on how to safeguard against fraud, visit the Fraud Advisory Panel.
point_right For more info on spam texts click here.


We'll update this thread regularly, as and when there are new scams you should be aware of, or we want to share any details that will help ensure you don't fall foul to scammers.

 

PREVIOUS UPDATES BELOW

 

⚠️ JANUARY 2022 UPDATE - Fonehouse / Carphone Warehouse Scam ⚠️
More info
BBC's Morning Live show today featured a segment about a recent scam that's gaining traction and becoming more prevalent amongst scammers. Please read the full update here but in short, if you or anyone you know receives a device they weren't expecting, or is different to what was ordered, then please do not attempt to contact the person who originally 'sold' you the contract (they may have supplied their details or even done this via WhatsApp/similar). Instead, contact the company directly - whether direct from a network or even from Carphone Warehouse themselves - using the legitimate details on their website so they can check and advise on the next steps as it's very likely you've fallen foul of this scam.
⚠️🎅🎄 DECEMBER 2021 UPDATE - Stay safe this festive season 🎄🎅⚠️
More info
During this time of the year, we tend to see a heightened level of scams going around, and with many of us taking time off work or winding down for a few days over the festive period, it's easy to let your guard down - and that's what these cyber criminals are hoping for. So please, remain vigilant and inspect your texts, calls and emails closely this holiday period. Find out more around how to spot scams and stay safe during the festive period.
⚠️ SEPTEMBER 2021 UPDATE - iOS 14.8 (Zero Click Malware) ⚠️
More info

We have seen news and media reports of a zero click malware vulnerability within iOS that has been patched with the latest iOS 14.8 update. Please see more info below and update your devices as soon as possible to stay safe and secure.

 

This week Apple has released an emergency software update for all iPhone, iPad and Mac users, to prevent the use of a 'zero-click malware'. A zero-click attack is especially devious as it means a user has no chance to catch the attack because it requires no action on the user’s part to trigger it - it’s not like a phishing email or smishing sms where the user has to click on a link or download a piece of malware.

Whilst alarming, we don’t need to panic, as these types of attacks tend to be very targeted, and in the past have been used to access messages on specific and targeted individuals, like a journalist’s or politician’s device.

WHAT DO I NEED TO DO?
Simple – you should update your device to the latest update as soon as possible.

⚠️ JULY 2021 UPDATE 2 - Update on Flubot ⚠️
More info

We know Flubot has been in the news more recently due to it becoming a heavily used form of smishing by these scammers, so we want to update you with more information on what Flubot is, how to spot it, and how to stay safe. See full update below for more info.

 

Flubot scam - What is it?
Flubot is a text message scam. It is part of a large scale smishing attack using a malware named Flubot. Currently it is only impacting Android devices, and is downloaded under the guise of a tracking app or a message with a link to retrieve a voicemail which is installed when you click on the attached link.

If you install the app the malware is then able to take over your device and this allows more infected SMS to be sent to contacts within your device without your knowledge.

Please be aware that if you do install the app, your contacts and your banking apps may have been accessed by the fraudster.

If you have received the message but not clicked on the link and downloaded the app, you can report the message to 7726 and then delete it.

If you have downloaded the app and believe your device has been infected, you will need to remove the malware from your device and you can do this by following the actions recommended by the National Cyber Security Centre, which is to perform a factory reset on your device, which will wipe the device and remove the malware. To carry out a factory reset, please visit the National Cyber Security Centre’s website and search on the text “flubot guidance”. You should NOT perform a back-up to reinstall anything on your device after the factory reset, as that will also reinstall the malware. 

Other options that MAY be available are:

  • Activating Google Play protect and perform a complete device scan. This action MAY allow you to delete the malware.
  • Activate the safe mode on the Android device. Safe mode places a temporary block on third party apps from running. This may let you identify the Flubot app and then uninstall it.

 

I believe my device is infected – What should I do ?
Please forward the original text message to 7726

If we have identified that your device may be infected by Flubot as part of the monitoring of our network, we may bar your outgoing SMS in order to protect you, your contacts, and our network. To have this SMS bar removed, please follow the advice below on how to remove the malware. Once you have done this please contact customer services

If you advise us that you have removed the malware but this has not been completed, the outgoing SMS bar is likely to be reinstated.

If you have incurred charges to your bill due to Flubot, this will be reviewed and where applicable these charges will be credited back to your account.

However, if you advise us that you have removed the malware and this has not been completed, and you continue to incur costs due to Flubot you may be liable for these charges.

⚠️ JULY 2021 UPDATE 1 - New Flubot Variants & 7726 upgrade ⚠️
More info

We have seen a number of new examples of the Flubot scam and are taking actions to protect customers from these. We have also made an upgrade to 7726 to make it easier to report calls.

 

Flubot

We have had reports of a new variant of the Flubot issue and wanted to highlight what these look like.

You will receive a SMS advising you have a missed voicemail and to click the link provided. Please don’t and if you have see the guidance below on the actions to take.
unnamed.jpegFlushot.jpeg

 

Please continue to report these to 7726 as it allows us to take the appropriate action to shut these down. 

7726 Update

We have now completed a small upgrade to 7726 so that it is easier for you to report a Voice Call rather than just SMS.

To make it easy for you the system will only require a single message

If you receive a call then you should report it as follows:-

 

Voice (Calling number)    e.g. Voice 077305***** or Voice 4477305*****

 

No words or comments should be included otherwise it will be registered as a text message and not a voice call.

 

When used you will see the following response:-

 

Thanks for reporting a nuisance call.  The details will be shared with the other operators and law enforcement teams

⚠️ JUNE 2021 UPDATE - My O2 & O2 More SMS ⚠️
More info

We've started seeing some texts claiming to be from O2 More or My O2 that refer to various gamling offers or websites, though may not be exclusive to just gambling offers - it's just that that's what we've seen so far. More details below.

 

I wanted to highlight a few texts we've seen originating from a spoofed 'My O2' or 'O2 More', usually related to gambling offers - but this may not be exclusively. See below some recent examples we've had.

MyO2-1.jpgMyO2-2.jpgMyO2-3.jpg

Some of the usual 'tells' that this is a scam and not from O2 can be seed in typos, grammar or punctuation mistakes, such as:

  • In the second example, 'Bet on the England Vs Scotland' - what? The whole sentence just doesn't really make any sense as it seems to be missing words like match and 'an' before exclusive
  • In the third example they deliberately add spaces to the Gambleaware website to ensure it's not tappable, and the last bit again doesn't flow well

It can be difficult to tell what's a scam and what's real though, so please continue to be vigilant and if you're in doubt, it's best not to open these texts or tap on any of the links. Continue to follow our previous advice to forward suspected scam texts to 7726 for us to investigate.

⚠️ APRIL 2021 UPDATE 2 - New Flubot Variants ⚠️
More info

We wanted to alert you that we’re starting to see new variations of the recent Flubot SMS scam you may have read about here, on our Social Media feeds, or via the news. Some variants we have seen so far include messages pretending to be from UPS, ASDA and others. We wanted to clarify a couple of points that we hope will help keep you safe over the bank holiday weekend.

 

How Flubot works

  • The way the Flubot scam works is that by tapping on one of the links in the message, it takes you to a website that downloads an ‘APK file’. This file is a fake app that installs to your device, and then downloads other apps that make it look like your online banking app (or other apps) which can steal your logins and more
  • Because this Flubot scam works by installing an APK file, this is currently specific to Android – but if you’re an iPhone/iOS user, we strongly recommend you follow the same advice below

What to do if you receive one
If you receive a text or email you weren’t expecting and it’s asking you to tap on a link, be suspicious and scrutinise the details. If it’s from a random mobile number, chances are high it’s a scam text. If the link looks odd, chances are high it’s a scam text. If the text has typo’s or poor structuring, chances are high it’s a scam text. In these cases, please forward the text to 7726 for our security team to take further action.

If you get such a text and everything looks absolutely fine, or you were expecting a delivery from the courier mentioned and you think it might be genuine, we urge you to use caution and to contact the company in question to confirm its legitimacy before tapping on any links. If the courier/business cannot confirm the legitimacy of the SMS, please forward the text to 7726 for our security team to take further action.

More Info
For more guidance, please visit the National Cyber Security Centre

⚠️ APRIL 2021 UPDATE - 'FluBot' SMS Scam ⚠️
More info

Mobile network operators are aware of the Flubot SMS scam and are advising customers to be vigilant and careful about clicking on any links received in an SMS. For the full update, tap here or view it below.

 

What is the Flubot SMS scam?
The Flubot SMS scam is a piece of malware that impersonates other apps on a victim’s phone to steal their banking credentials and other private information. It spreads through SMS and can eavesdrop on incoming notifications, read and write SMS, make calls, and transmit the victims’ entire contact list back to its control centre. 


Actions to take if you believe you have received a Flubot text message
If you believe you have received a Flubot message, customers should forward anything suspicious to 7726 so the links can be tracked.

Be Vigilant and Aware
The best advice if you’re unsure is to ignore, report, and delete.

Here's an example of a Flubot SMS. If you receive anything similar, please don't click any links. Report it as instructed above, then delete it.

⚠️ MARCH 2021 UPDATE - Royal Mail SMS Scam ⚠️
More info
Royal Mail email, text and Facebook scams have been around for a long time, but this month we've seen an increase in activity and so we wanted to bring this to your attention to help show you how to spot these, and what to do about them. See more details in the update here.
⚠️ FEBRUARY 2021 UPDATE - We've updated our 'OTAC' SMS ⚠️
More info
In February 2021 we updated the OTAC (one time authorisation code) SMS messages we send you when you request certain account actions such as SIM swaps, upgrades or account recoveries. Never share this code with anyone who calls you. See more details in the update here.
⚠️ JANUARY 2021 UPDATE - NHS Vaccine SMS ⚠️
More info
In January 2021 we started seeing a convincing new text message scam that pretends to be from the NHS offering you a vaccine. Please see full details in the update here.
⚠️ AUGUST 2020 UPDATE - Flyers, Wangiri, and other Scams ⚠️
More info
In August 2020 we added a new section to this thread highlighting other scam activities you should be aware of. These include details on the 'Wangiri Scam', flyer, and other scams. Please see the update here.

 


Hi. I'm from the Social Media Team.

Message 1 of 30
21,833 Views
29 REPLIES 29

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

We wanted to alert you that we’re starting to see new variations of the recent Flubot SMS scam you may have read about here, on our Social Media feeds, or via the news. Some variants we have seen so far include messages pretending to be from UPS, ASDA and others. We wanted to clarify a couple of points that we hope will help keep you safe over the bank holiday weekend.

  • The way the Flubot scam works is that by tapping on one of the links in the message, it takes you to a website that downloads an ‘APK file’. This file is a fake app that installs to your device, and then downloads other apps that make it look like your online banking app (or other apps) which can steal your logins and more
  • Because this Flubot scam works by installing an APK file, this is currently specific to Android – but if you’re an iPhone/iOS user, we strongly recommend you follow the same advice below


If you receive a text or email you weren’t expecting and it’s asking you to tap on a link, be suspicious and scrutinise the details. If it’s from a random mobile number, chances are high it’s a scam text. If the link looks odd, chances are high it’s a scam text. If the text has typo’s or poor structuring, chances are high it’s a scam text. In these cases, please forward the text to 7726 for our security team to take further action.

If you get such a text and everything looks absolutely fine, or you were expecting a delivery from the courier mentioned and you think it might be genuine, we urge you to use caution and to contact the company in question to confirm its legitimacy before tapping on any links. If the courier/business cannot confirm the legitimacy of the SMS, please forward the text to 7726 for our security team to take further action.

For more guidance, please visit the National Cyber Security Centre


Hi. I'm from the Social Media Team.

Message 21 of 30
1,526 Views

Luke30
Level 7: Part Timer
  • 340 Posts
  • 104 Topics
  • 0 Solutions
Registered:
There are scam text messages saying that is something is happening with your bank account.
LGreenwood
Message 22 of 30
1,516 Views

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

Hey all,

I wanted to highlight a few texts we've seen originating from a spoofed 'My O2' or 'O2 More', usually related to gambling offers - but this may not be exclusively. See below some recent examples we've had.

MyO2-1.jpgMyO2-2.jpgMyO2-3.jpg

Some of the usual 'tells' that this is a scam and not from O2 can be seed in typos, grammar or punctuation mistakes, such as:

  • In the second example, 'Bet on the England Vs Scotland' - what? The whole sentence just doesn't really make any sense as it seems to be missing words like match and 'an' before exclusive
  • In the third example they deliberately add spaces to the Gambleaware website to ensure it's not tappable, and the last bit again doesn't flow well

It can be difficult to tell what's a scam and what's real though, so please continue to be vigilant and if you're in doubt, it's best not to open these texts or tap on any of the links. Continue to follow our previous advice to forward suspected scam texts to 7726 for us to investigate.


Hi. I'm from the Social Media Team.

Message 23 of 30
1,168 Views

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

Hey all,

As 'Flubot' is becoming more of an issue and more widespread, we wanted to ensure you had all the necessary info around what to do if you receive any Flubot SMS, and what to do if you believe you've clicked on any of the links and your device has become infected.

Full details below.

Flubot scam - What is it?
Flubot is a text message scam. It is part of a large scale smishing attack using a malware named Flubot. Currently it is only impacting Android devices, and is downloaded under the guise of a tracking app or a message with a link to retrieve a voicemail which is installed when you click on the attached link.

If you install the app the malware is then able to take over your device and this allows more infected SMS to be sent to contacts within your device without your knowledge.

Please be aware that if you do install the app, your contacts and your banking apps may have been accessed by the fraudster.

If you have received the message but not clicked on the link and downloaded the app, you can report the message to 7726 and then delete it.

If you have downloaded the app and believe your device has been infected, you will need to remove the malware from your device and you can do this by following the actions recommended by the National Cyber Security Centre, which is to perform a factory reset on your device, which will wipe the device and remove the malware. To carry out a factory reset, please visit the National Cyber Security Centre’s website and search on the text “flubot guidance”. You should NOT perform a back-up to reinstall anything on your device after the factory reset, as that will also reinstall the malware. 

Other options that MAY be available are:

  • Activating Google Play protect and perform a complete device scan. This action MAY allow you to delete the malware.
  • Activate the safe mode on the Android device. Safe mode places a temporary block on third party apps from running. This may let you identify the Flubot app and then uninstall it.

 

I believe my device is infected – What should I do ?
Please forward the original text message to 7726

If we have identified that your device may be infected by Flubot as part of the monitoring of our network, we may bar your outgoing SMS in order to protect you, your contacts, and our network. To have this SMS bar removed, please follow the advice below on how to remove the malware. Once you have done this please contact customer services

If you advise us that you have removed the malware but this has not been completed, the outgoing SMS bar is likely to be reinstated.

If you have incurred charges to your bill due to Flubot, this will be reviewed and where applicable these charges will be credited back to your account.

However, if you advise us that you have removed the malware and this has not been completed, and you continue to incur costs due to Flubot you may be liable for these charges.


Hi. I'm from the Social Media Team.

Message 24 of 30
1,120 Views

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

We have seen news and media reports of a zero click malware vulnerability within iOS that has been patched with the latest iOS 14.8 update. Please see more info below and update your devices as soon as possible to stay safe and secure.

 

A zero-click attack is especially devious as it means a user has no chance to catch the attack because it requires no action on the user’s part to trigger it - it’s not like a phishing email or smishing sms where the user has to click on a link or download a piece of malware.

Whilst alarming, we don’t need to panic, as these types of attacks tend to be very targeted, and in the past have been used to access messages on specific and targeted individuals, like a journalist’s or politician’s device.

WHAT DO I NEED TO DO?
Simple – you should update your device to the latest update as soon as possible.


Hi. I'm from the Social Media Team.

Message 25 of 30
979 Views

Pipstop78
Level 5: Ponderer
  • 174 Posts
  • 69 Topics
  • 0 Solutions
Registered:

I've had lots of spam messages send them to 02 not had any since 02 have been great 

Message 26 of 30
931 Views

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

Hey everyone,

 

During this time of the year, we tend to see a heightened level of scams going around, and with many of us taking time off work or winding down for a few days over the festive period, it's easy to let your guard down - and that's what these cyber criminals are hoping for. So please, remain vigilant and inspect your texts, calls and emails closely this holiday period.

 

scam-header.jpg

 

Phishing, smishing and vishing - what are they?

Phishing is when fraudsters attempt to get hold of sensitive information such as usernames, passwords, and credit card details, by pretending to be a trustworthy source in an email. When this happens through text message, it’s known as smishing. When someone calls you, it’s vishing.


How do they work?

These scams work by sending you an email or text, or by someone calling you and pretending to be from your bank, service provider, the Police, or another trusted company. The message or caller might ask for personal or financial information, such as personal security details, bank details, one-time codes, or passwords, or they might ask you to visit a fake website that looks real. The site will have a form asking for personal information like usernames, passwords, bank account details, or pins.


Don't be fooled!

These messages or calls can be very convincing and look or sound like genuine messages sent by organisations you already deal with. They might even appear within an existing text message string from an organisation you know, for example, some of ours are ‘My O2’, ‘O2UK’, ‘O2SwapMySim’.

 

Remember, if someone calls you claiming to be from O2, we would never ask for one-time passcodes, passwords and PINs, or personal information like your bank details. So, make sure you check who they are by asking where they're calling from. If you have any doubts, just give us a call on 0344 809 0202 to check. These could be nuisance calls, so see our advice on what to do about them. We will never email, text, or call you and ask for a one-time code, password, or other security information you've set up on your O2 account. 

 

'FluBot' text scam

See below for more info on the FluBot scam and how it works

 

More info

FluBot is a text message scam that is part of a large-scale smishing attack. Currently, it only affects Android devices and is downloaded under the guise of a message with a link to a tracking app or to retrieve a voicemail. The messages can appear to be from a delivery service like DHL, or other companies like Argos and Amazon.
 

If you click the link in the message, the malware may automatically download to your device. If the app is installed, the malware can take over your device, allowing more infected text messages to be sent to your contacts without your knowledge. The fraudster could also gain access to your messages and online banking details.

Signs of a scam

Scammers nowadays are sophisticated and getting clever at pretending to be legit, but there are still often tell-tale signs that the text, email or call may not be genuine.

 

More info

Signs that an email, message or call might not be genuine:

  • it contains spelling mistakes
  • there’s a generic 'dear customer' header
  • it asks you to provide sensitive personal or financial information or passwords, or to make transactions by following a link in the message
  • there are suspect links or there’s a name in the header with extra letters, numbers or substitutions. For example, a phishing scam trying to imitate O2 might replace the letter 'O' with the number zero
  • it asks you to call a certain number you don’t recognise. In this case, call your bank on a number that you trust, like the one on the back of your card, to check the message is authentic
  • the sender uses an urgent tone, telling you to act now.

Receiving a suspicious email, text or call won’t harm you in any way. It’s only dangerous if you interact with it. Remember:

  • don’t click on links unless you’re 100% sure they’re genuine
  • take a moment to stop and think. Trust your instincts. If it looks suspicious or too good to be true, there’s probably a catch
  • don’t give away any of your personal details.

If you're suspicious about an email, text or call, report it immediately.

Reporting a scam email, text or call

Some scams might pretend to be from O2, or from an organisation you already deal with. It's important that we see examples of phishing emails, texts and websites so we can investigate and shut down scammers.

More info

To report a suspicious email:

  • for suspicious emails claiming to be from O2, create a new email draft with ‘Phishing’ as the subject. Attach the suspicious email and send it to spam@o2.com.
  • for emails, forward the message to the organisation that it claims to be from. You can look up the email address to send it to on that organisation’s website

To report a suspicious text:

  • forward the text message, including phone number or company name, to 7726. It won’t cost you anything and it means we can investigate the sender
  • if your phone supports SPAM reporting (currently available if you have an Android device using the Google Messenger App, but others will be available soon), then press the SPAM button to automatically forward the message to 7726. 
    Information shared to 7726 will be available to all mobile operators, the Information Commissioner’s Office and various approved organisations that are involved in criminal investigations, to enable the to identify the senders. These approved organisations include the National Cyber Security Centre (NCSC) and the Serious Fraud Office (SFO). Information may also be shared with the organisations who are being targeted by the smishing attacks, to help them protect their customers from fraud.

To report a suspicious call:

  • If someone calls you saying they're from O2 and they ask for personal information, one-time codes, passwords and PINs, including bank details, make sure you check who they are first. Ask where they're calling from and take a number to call them back.
  • If you have any doubts, call us to check - these could be nuisance calls, so see our advice on what to do about them.
  • Remember, we’ll never email, text or call you and ask for a one-time code or password, or for any other security information you’ve set up on your O2 account.
     

You should also report your phishing experiences to report@phishing.gov.uk. The information provided lets law enforcement organisations remove fraudulent sites and identify patterns of attack used by scammers to help us all defend against them.

I know this isn't the most cheerful of subjects, but scams are always on the rise during this time of year so please be vigilant, remain cautious, and try not to fall foul of these scammers who at every turn will try to extract money from you, or information that may lead to fraud and even identity theft. If in doubt, report it.


Hi. I'm from the Social Media Team.

Message 27 of 30
529 Views

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

Hey all,

 

I wanted to share that earlier today, BBC's 'Morning Live' show discussed a new scam that's doing the rounds, referred to as the 'Fonehouse Scam' or 'Carphone Warehouse Scam'. Skip to about 7:40 on this iPlayer video where fraudsters are calling people up and pretending to be Carphone Warehouse while offering an incredible mobile phone deal.

 

You need to listen to the segment in full to appreciate the complexity of the scam, but in essence once the scammer has all of your details, they then sign you up to a mobile contract of their choosing (likely something high value that'll resell easily) which will be a different phone to what you were expecting. Then, once the scammers spot that your phone has been delivered, they'll attempt to contact you with an apology for sending the wrong device, and then they'll supply an address for you to return it. That's the scam - the address won't be legitimate and what you'll actually be doing is sending a device that's been taken out in your name, directly to the scammers - all whilst still paying and contracted for a device you no longer have.

 

So... Long story short: If you or anyone you know receives a device they weren't expecting, or different to what they ordered, then please do not attempt to contact the person who originally 'sold' you the contract (they may have supplied their details or even done this via WhatsApp/similar). Instead, contact the company directly - whether direct from a network or even from Carphone Warehouse themselves - using the legitimate details on their website so they can check and advise on the next steps.


Hi. I'm from the Social Media Team.

Message 28 of 30
455 Views

jonsie
Level 94: Supreme
  • 87005 Posts
  • 594 Topics
  • 5126 Solutions
Registered:

This has already happened to a customer on here 😮

2020-Awards-jonsie5695219-2




O2 Social Media

SM IconsTwitter

Instagram

Facebook




Message 29 of 30
451 Views

Chris_K
O2 Social Media Team
O2 Social Media Team
  • 1726 Posts
  • 374 Topics
  • 152 Solutions
Registered:

It's been a couple months since our last update, but that doesn't mean these scammers and fraudsters have given up or slowed down - far from it. Scammers are always looking for ways to get unsuspecting users to click on dodgy links, visit fake websites, or dupe you into giving out personal info.

 

Enter... Flubot. Again. That's right, Flubot looks like it's on the rise again and this time with a twist.

 

First, a quick recap on how Flubot 1.0 (SMS) works:

  1. You receive a text message containing a link
  2. If you click the link, you're asked to install an app
  3. At this point your phone is now infected with the Flubot malware
  4. Infected phone numbers are added to a central Flubot network and your phone is used to send more texts and infect other users
  5. Flubot can steal banking, contact amd personal info from infected devices

What's changed with Flubot 1.1 / 2.0? It's important to note that Flubot 1.0 is still in circulation and you could be sent one of those, or potentially one of these new ones from Flubot 1.1 / 2.0:

  1. You receive an SMS as before, but the message has changed from being about a missed delivery, to something like "Voice mail message awaiting to be listen", or a variant of it
  2. An MMS is sent to you about a voicemail and if you click the link and become infected, your phone sending infected MMS could result in you being barred by some of our controls and checks, or losing some or all service due to you potentially hitting any spend caps you may have set up

Please remain vigilant when receiving an SMS or MMS. If it's not from someone you know, or a business/company you're familiar with, then be cautious and think twice before opening any links. And even if it is from somebody you know, be cautious of any dubious looking links - it's possible your friends phone could be infected and it sent you one of the links.


Hi. I'm from the Social Media Team.

Message 30 of 30
231 Views