Another Phishing Scam Hits the Web

Why is it that scammers use the same kind of hoaxes again and again and again? Perhaps it's because so many people keep falling for them again and again and again.

Here's the newest one: people all over the world have been getting e-mail messages recently that said they were coming from a United Kingdom-based internet and telecommunications company TalkTalk. The messages claimed that the recipient's TalkTalk service will be cancelled unless account details are verified.

Been there, done that, got the t-shirt, right?

No. It seems way too many people did as they were told, bringing the issue to the attention of the Hoax Slayer investigators.

Here's what they found:

Liked this article? Don't miss another one. Follow us on Twitter or Facebook.The main conclusion is that the e-mail is not from TalkTalk. Rather, it is a phishing scam. It is designed to steal personal and financial information from TalkTalk customers.

This is how it looks:



Besides, Hoax Slayer says, its investigations show that this e-mail, which purports to be from UK-based Internet and telecommunications company TalkTalk, warns the recipient that his or her TalkTalk service may be cancelled or limited if account details are not verified. Just click a link to login to your account, it says, and provide all of the requested information.

Except, TalkTalk's got nothing to do with it. The claim that the recipient's service is about to be cancelled is a lie, and a crude lie, to boot.

Clicking the link in the e-mail will take you to a fake website designed to resemble the real TalkTalk website. You will be asked to login with your real username and password. Once you've done that, you will see the following web form, asking you for your credit card details and address information:



Clicking the submit button on this fake form will send all of the information you have entered to the cybercriminals operating the scam. Besides, it's a given that the scammers will thus also collect the login credentials you have submitted via the bogus login page. Why would they do it? Well, it gives them enough information to be able to use the stolen information to conduct fraudulent credit card transactions. They can also access the user's real TalkTalk account, steal more personal information that may be stored there and use the account for their own nefarious purposes.

TalkTalk has displayed the following message on its login page to alert customers about this scam:

Some customers have received a hoax e-mail asking for their billing details. Please note that TalkTalk will never ask you to confirm your banking details via e-mail.

Phishing is a very common form of criminal activity that has targeted customers of many different companies and financial institutions all around the world, Hoax Slayer warns.

Be cautious of any unsolicited e-mail that claims that you must verify or update account details by clicking a link or opening an attached file. To login to your account, go directly to the company's website via your web browser. Do not login via a link in an e-mail.

Liked this article? Don't miss another one. Follow us on Twitter or Facebook.