Skip to main content

Three mobile customers targeted by phishing attack - here's what you need to know

(Image credit: Shutterstock.com)

Criminals are targeting Three mobile users across the UK with a wide-ranging phishing scam that could steal personal details.

Experts from Cofense have warned that users of the network, which has over ten million customers across the UK, are being hit with fake alerts claiming to be from the company.

However, the emails look to could trick victims into handing over personal and account details, including passwords, contact information and even credit card numbers.

Three phishing scam

Research from the Cofense Phishing Defense Center (PDC) saw users receive an email (pictured below) from the "online@three.co.uk" domain concerning a bill payment that could not be processed by their bank.

They are then told to download the html file “3GUK[.]html” to edit their billing information in order to avoid service suspension. However opening this file takes the victim to a fake landing page where they are urged to enter their login data, including passwords, along with credit card details and other personal information.

(Image credit: Cofense)

Cofense warns that the page is incredibly convincing, suggesting the malicious page has been cloned from the real Three website, including links to legitimate web pages.

The company is urging users to always be wary of requests to download and open html/htm file attachments as opposed to being linked directly from their email client.

Users should also be wary of clicking on links within emails from suspect sources, and ensure they have an up-to-date antivirus and web browser security solution installed to combat any threats.