A new criminal campaign is targeting customers of the telecom provider O2. It lures them with the promise of large savings on their phone plans, but the scam is, in fact, designed to steal their personal data.

This recently uncovered scam has arrived at a time when many companies and households across the UK are facing an increased cost of living and fears of rising energy prices. With firms and individuals alike balancing their books to cope with growing expenses, the scheme presents its targets with a seemingly welcome discount of 35 to 40 per cent on their current phone plan.

The calls have been traced to Ballygawley in Northern Ireland, and they feature a bogus customer service agent presenting the discounted deal to customers on the O2 network. While the call is ongoing and the discount is being explained, the customer receives an authentic SMS from O2 containing a single-use passcode for accessing their personal account. O2 usually issues this type of SMS to customers who have forgotten their password.

However, the fraudster on the phone asks for this code on the pretext of applying the discount to the user’s account. When the unwitting victim hands over the code, the scam artists can access their personal O2 account.

The campaign works by the threat actor entering the victim’s number into the official O2 website and following the procedure used when an individual cannot remember their credentials. This triggers the legitimate text message containing the access code. If the fraudster succeeds in convincing the victim to hand over the code, they can enter the protected area of the account and commit criminal actions.

Accessing personal details from a compromised account

Once the fraudsters have gained access to a person’s O2 account, a wide range of personally identifiable information (PII) may be obtained. This data can include full names, postal and email addresses, and banking information, among many other types of private information.

Many O2 users link their payment cards to their accounts for ease of payment. This allows the fraudsters to use this information to make criminal purchases, or to harvest financial credentials and sell them on to other cybercriminals for use in their own campaigns.

While the scam is predominantly aimed at less tech-savvy individuals, it has the potential to cause damaging data theft for both businesses and customers using the O2 service. The clever use of an authentic O2 text lends credibility to the scam and could fool those caught unaware. Investigative research suggests that the same fraudsters are also targeting customers of Three and Carphone Warehouse, and have offered discounts of up to 100 per cent on phone charges.

The research also revealed multiple searches for the telephone number used for the bogus O2 calls – 028 8501 7468 – since November last year. Anyone receiving such a call is advised to end it immediately and report it to their network provider.