URGENT: Fraudulent ‘smishing’ SMS
On 16 October O2 identified a number of customers who may have received a ‘smishing’ text message purporting to be from O2.
The message suggests the customer is required to update their billing information. There is a website in the message that redirects the customer to a fake O2 website. O2 did not send these fraudulent messages, but these websites are very convincing and look like O2 sites.
What does this mean for these customers?
The message reads; “O2: We are unable to process your latest bill. In order to avoid fees, update your billing information via:”
A full investigation is ongoing. O2 are in the process of removing the fraudulent websites and domain name, identifying and blocking the sender of the SMS.
If the customer believes they’ve disclosed personal data they can report it to Action Fraud at https://www.actionfraud.police.uk/report_phishing.
If the customer believes a crime or fraud has occurred due to this incident they can report it to Action Fraud at https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime
What do I need to say?
If a customer asks about the SMS please inform them these are fraudulent messages and not from O2. If they’ve entered any details they’ll need to reset their password and security question on the account.
Please advise customers who have entered their personal data that a password reset is a good precautionary measure to take.