Day 3 of avoiding Christmas scams – Fake mobile billing issues

Somewhere, someone knows what mobile network you use. Most organisations who need to collect our personal detail will ask for our mobile number so that they can use it for marketing purposes. In most instances it is useful, getting updates on service issues, deliveries or special offers. But when your number falls into the wrong hands then it can be used in a number of phishing scams.

One such phishing scam is where a fraudster is impersonating your mobile phone provider. Somewhere on the dark web lists featuring mobile numbers and service providers are offered for sale – phishing attacks similar to the one on the left are quick and easy to set up as they know the recipients mobile provider and that gives it some authenticity to the receiver. Add in a domain name featuring the mobile provider and you have the makings of something that could fool a number of people. Remember, the return on investment for the fraudsters can be as small as just one person submitting their financial details.

A quick check on the domain name within the text and you can see it was registered 24 hours ago, with the registrant details hidden behind a proxy company in Panama. Whilst mobile networks often send text messages, they will come from a recognised number (such as 150 in the case of EE) and will rarely ask you to follow a URL.

If you do receive one and are in doubt, contact your service provider on the details on their website. Don’t follow any links as they could take you to websites that will expose your devices to malware or ransomware.

Stop press: My wife received exactly the same message a few hours ago, with a different domain name “” which was registered today.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s