Vodafone customers have been warned about what appears to be one of the most realistic email scams yet.
Get Safe Online - A leading government-backed resource for consumers to protect themselves from fraud - posted a tweet warning that the email was a fake and should be deleted immediately.
As you can see from the image above it’s a very impressive recreation of what could be a normal email bill.
To make matters worse the email claims that the customer owes over £400, an amount designed to panic users into clicking on the link and thus opening themselves up to malicious software.
Thankfully there is one clear sign that this is in fact not an official email from Vodafone: The email address.
While the name on the sender shows an @vodafone.com the actual email address afterwards is clearly not.
Fake receipts and bills known as phishing attacks are a common tactic used by criminals to entice users into download malicious software like ransomware.
Just last year an impressive-looking iTunes receipt scam was sent out to users claiming they had spent over £90 within the store.
Concerned about the amount, users then click on the link within the email and inadvertently end up downloading software that can take control of the files on your computer and hold them to ransom.
Phishing isn’t exclusive to computers either, last month a WhatsApp scam started doing the rounds again via smartphones.
A text would come through claiming to be from WhatsApp asking you to renew your subscription (WhatsApp doesn’t have a subscription). It would then provide a link where it would ask you to update your details.
What is ransomware?
Once installed on either a computer or (more increasingly) a mobile device they can take all your files and lock them away, effectively holding them ransom until you pay the hackers a fee.
Ranging from £200 all the way up to £1000 these fees are almost always required in Bitcoin and are always priced in such a bracket that many customers will feel they’re forced to take this one off hit.
Senior Security Researcher, Kaspersky Lab David Emm recommends that you should never pay these ransoms. Not only do they validate ransomware as a business model but there’s absolutely no guarantee that you won’t be hit again by a different piece of software.