I’ve heard reports of various bt(dot)com phishes doing the rounds over the last couple of weeks, but arrived at the scene of the crime too late to grab some screenshots and ring the “unclean, unclean” bell.
Thankfully Christmas has come (very) early, as here we have one such phishy character to poke with a stick. I imagine this is being promoted via emails, but I don’t have one of those to hand so we’ll have to make do with a website example for the time being.
As you can see, the site looks pretty convincing and asks the user to “Log in to the personal area”. Phishes tend to say “thanks for coming along, now get out” once you’ve entered your login details – however, this one has bigger things on the horizon.
Like a gold plated yacht.
Credit card / bank account information is the name of the game, along with some other bits and pieces including mother’s maiden name and date of birth. Clicking through takes the user to the following screen:
Click to Enlarge
I don’t know about you, but I tend to think the “billing department” mentioned above will probably be sailing around the Atlantic in their aforementioned gold plated yachts instead of confirming the information sent their way.
We’ve had the above phish taken down, but I doubt we’ve seen the last of this one. Please be wary of emails / websites claiming to be from BT that ask you to fill in all of your payment details – nothing good will come of it (unless you’re the one in the yacht).