Tuesday 24 October 2017

Scammers target O2 customers with bogus text offers

Aideen Sheehan Consumer Correspondent

CUSTOMERS of mobile-phone company O2 have been hit with at least two sophisticated 'phishing' scams in the past week.

One customer told the Irish Independent how her account was hacked into and hundreds of texts were sent at her expense to other customers.

Many customers received texts directing them to a fake O2-lookalike website claiming to offer free text top-ups.

The company confirmed that it had forced the removal of two such sites in recent days, www.freetopup.eu.tf and o2verified.info. The sites, which look virtually identical to O2's own website, were being used by scammers to get personal information from phone users.

One woman who logged on to one of the sites earlier this week after receiving a text offering free top-ups, said the fraudsters then hacked her O2 account to send text messages to hundreds more randomly generated 086 phone numbers.

These messages were sent at her expense from her web account, although O2 has now credited her with the cost.

"The first I knew was when I started getting loads of text messages, some of them very abusive, from people who had received these texts, telling me to stop," she said.

The woman, who doesn't want to be named, said she didn't know yet what the total financial hit to her account was, as she has been blocked from it while the matter is sorted out.

O2 confirmed that it had ensured the fake sites were taken down and it urged customers affected to report any losses to the gardai.

A spokesperson said that it could not put a number on the customers who had received the fake 'smishing' texts and were unaware what the fraudsters planned to do with the information, although he said it had not resulted in access to customers' O2 prepaid visa-card details.

The company added: "Sadly, lots of organisations are affected by phishing or smishing."

Phishing is any kind of scam which involves tricking people into disclosing personal details, such as bank account numbers or passwords.

Smishing is a subset of that, whereby customers are reached by text, usually directing them to a fake website which again aims to get them to disclose valuable personal details.

The information obtained by such scams could potentially be sold on to third parties, who wish to obtain this kind of valuable personal data.


O2 has advised its customers not to respond to texts from an unknown source and to avoid clicking on web links contained within such texts.

"O2 will never ask customers by SMS to disclose personal information. Message sent by O2 come from a short code number, such as 50407, 50202 or 50208, or are branded O2 Treats or O2 More," it said.

The phone regulator ComReg warned that details passed on to scammers could potentially be used to steal money from a customer's bank account, spend money on their credit card or steal their identity and take out loans in their name.

The National Consumer Agency said last night that it was aware of the issue and advised anyone contacted by a service provider requesting personal details to ring the provider's official listed telephone number to verify that it was a genuine request.

Irish Independent

Editor's Choice

Also in Irish News