Three mobile users across the UK are being targeted with a new phishing scam that is designed to steal your personal details. Cofense, a company that develops security software, has warned users of the network that they're being given fake emails. These fake emails are claiming to be from Three.
These emails, if believed by the users, could trick them into delivering their account details, passwords, contact information and even their credit card numbers.
The Cofense Phishing Defense Center saw that users were receiving an email from the domain '[email protected]'. They stated that the users bill payment could not be processed by their bank. In the email, the suer was told to download a HTML file named "3GUK[.]html" in order to change their billing information to avoid service suspension. When the file is downloaded and opened, a fake landing page is displayed. This landing page urges the user to enter their login details. This includes the users passwords, credit card details as well as other personal information.
As the 'login page' from the Three phishing scam is very convincing, it suggests that it was copied from the legitimate Three website. This malicious page also uses links to legitimate web pages. Kudos to them?
Cofense advise everyone to be wary about the emails. Emails that may ask the to hand over their personal details may not be good news. Additionally, you must make sure that your device has an up-to-date antivirus and that your browser is up-to-date. This is to make sure that you are safe from malware.