A website designed to steal bank details has been taken down after we reported a phishing email to EE’s security team. Here’s the email you need to be wary of.
Following on from last week’s Netflix phishing email warning, another well-known brand’s customers are being targeted by scammers in the same way.
Just like other examples we’ve seen, the email tells you that your payment has failed due to billing details expiring or changing.
‘The payment for your latest EE bill failed’
A look at the email address this has arrived from will tell you that this has nothing to do with EE, however, if you were to miss it, you could be forgiven for thinking the email was genuine.
The professional layout and use of EE’s branding makes for a surprisingly legitimate appearance, while it’s also one of the most well-written scam emails I’ve seen this year.
The threat of the disconnection of your service is an attempt to rush you into making a bad choice. If you receive an email like this, make sure you take your time.
Check the email address it’s come from and look for other clues – for example, my eyes were drawn to the bizarre question mark in the footer of the email.
If you’re not sure about an email you’ve received, contact the brand through its official channels and discuss it with them directly.
What happens if you click through?
If you were to click through on ‘update and verify billing details’, you would have been taken through to a fake site and instructed to enter your bank details and other personal information.
The scammers behind the site would then have had complete access to the card details you’d entered, along with your full name and address.
Fortunately this site in particular has now been taken down after quick work from EE’s security team. When we reported the phishing email to EE, a spokesperson said:
“Our dedicated fraud team works hard to keep our customers safe from scams and customers should forward any suspicious emails to firstname.lastname@example.org so they can be investigated.
Our security team will then work quickly to take down any fraudulent websites contained in the email to protect people. Customers should always double check the sender’s email address, as it may not be from who it says it is.
If a customer thinks they may have been a victim of a scam then they should contact Action Fraud immediately.”
If you’ve landed on a website and you’re not sure it’s legitimate, take a look at our eight-step guide to identifying a fake, fraudulent or scam website.
Have you received this email or a similar one from another brand? How did you deal with it? Let us know in the comments.