4 MIN READ

Fraud gangs target EE customers in sophisticated text scam

phishing

EE customers are currently facing a wave of sophisticated phishing scams. Fraudsters have devised at least ten different schemes, all promising unclaimed rewards or points within accounts. These deceptive messages lead victims to harmful websites designed to steal their personal information.

Recognising the Scam

Victims receive messages, seemingly from random mobile numbers, stating that a significant number of points in their accounts were unused due to a system error. These messages falsely claim the points will expire soon, urging recipients to claim their non-existent prizes promptly. Upon investigation, EE has confirmed these communications as fraudulent.

Interestingly, these aren’t standard SMS messages but utilise Rich Communication Services (RCS) on Android devices. RCS messaging, a modern alternative powered by Google, offers enhanced security features like end-to-end encryption. However, it’s clear that fraudsters have found ways to exploit even the most secure platforms. In response, EE has taken action to block access to these malicious links on its network, and the issue has been reported to Google.

Google’s Response

Google emphasises its commitment to user safety, acknowledging the rise in impersonation campaigns across messaging platforms. The tech giant is continuously refining its spam and abuse detection capabilities. Google encourages users to report suspicious conversations in Google Messages. This helps block the sender and segregate the message into a “Spam & blocked” folder.

It’s generally advised against clicking on phishing links from unknown sources due to the risk of malware. However, an investigative look into these malicious phishing links revealed websites mimicking EE’s branding to trick visitors into providing personal details. These sites often ask for a phone number initially, then guide users through a bogus point redemption process, eventually requesting a home address for the delivery of phantom products.

Fraudsters are utilising link shorteners like Buzz, Cutt.ly, Rebrand.ly, and tinyurl.com to conceal suspicious URLs. While link shorteners are legitimate tools for condensing URLs, their ability to mask the destination site makes them appealing to fraudsters. Certain precautions, such as previewing the full link on TinyURL or using Cuttly’s preview mode, can help users verify links before clicking.

Services like Cuttly and TinyURL have measures in place to monitor and block malicious links. Users are encouraged to report suspicious links, which are then reviewed and potentially removed by the service’s abuse team.

Action Steps for Recipients

If you receive a suspicious text, it’s crucial not to respond directly. Instead, verify the message’s authenticity by contacting the purported sender directly or checking your account with the company. Suspicious messages can be reported to 7726, and malicious websites should be reported to the National Cyber Security Centre. Victims of scams should immediately contact their bank and report the incident to Action Fraud or dial 101 in Scotland.

In the digital age, fraud prevention and fraud awareness are more important than ever. EE customers, and indeed all mobile users, must remain vigilant against phishing attempts, armed with the knowledge and tools to protect their personal information.

Safeguarding Explored

Once fraudsters steal your personal information or access your EE account, they can unleash a variety of problems, resulting in significant financial and emotional turmoil. For instance, gaining access to your EE account allows fraudsters to execute SIM-swapping scams. This enables them to hijack your bank accounts or credit cards, exploiting them for fraudulent activities. 

In today’s digital age, distinguishing between legitimate communication and fraudulent attempts is increasingly challenging. Therefore, the most effective defence is a proactive one: resist the urge to immediately act on any received texts or emails. Instead, directly reaching out to your phone carrier for verification is a safer approach. While this method may seem time-consuming, it significantly reduces the risk of becoming trapped in such scams.

Recent articles

November 22, 2023

3 MIN READ

In a significant win in the fight against fraud, Waterford police have made nine arrests, smashing an international smishing ring in the process. This move comes amidst an international probe…

August 29, 2024

4 MIN READ

A Salisbury couple recently lost hundreds of thousands of pounds to a sophisticated courier fraud scam. The ordeal began on the morning of July 9 when a man posing as…

August 1, 2024

5 MIN READ

Some of the UK’s biggest banks and telecom companies have pledged to share information to combat the ongoing rise in fraud, urging the government to prioritise this “terrible crime” on…