Friday, November 4, 2011

Alert: Virgin Mobile - Issue found and fixed.

I regularly receive and malicious emails advise readers. One form of a malicious email is an email which comes from a well known company. The email looks legitimate because it is can be a very good copy of a legitimate email that has been sent out by the company. The very good copies are almost impossible to distinguish from the original. The links in the email usually give the fake email away as they take people to a site which looks like the company, but is a slightly different domain name. A small change tricks many people into revealing their username and password details.

Today I received an email which is most likely from Virgin Mobile, but what looks suspicious is the links in the email don’t go directly to the Virgin Mobile site. They go via a site that appears unrelated. I suspect the site is a marketing site, where if you click on the link they can measure who clicked and then track that person. But is isn’t a Virgin Mobile site. If you follow the link you’ll then be redirected to the Virgin site.

I consider this to be bad form for a large company like Virgin. Given the large number of people who are tricked into revealing their details there is no reason to provide a link. People can be advised to go to the site which can be provided as straight text for people to copy and paste into their browser.

The following is the start of the email.

Hi Kelvin,

Our technical team has recently corrected an error in your service which may have caused some of your data to expire a day or two before its due date.

As an apology for the error and as a gesture of goodwill, we're going to add 300MB of data to your account.

Now given I’m on a yearly data plan and it is many months before my plan expires, this really is a suspicious email. In addition I did have a problem with Virgin Mobile. I updated my details so all communication would go to my email address and not a Virgin email address. The problem is this doesn’t apply to your data usage. I thought I’d be advised when the first months data was expiring but those emails didn’t go to the address I provided and I lost a couple of gigabytes of data. Now I’m receiving an email which doesn’t appear to be related to my plan so it really does feel suspicious. The only way I can check is to call their customer service, who when I called last time to provide constructive feedback to help Virgin I was treated quite abruptly, so I really don’t want to spent the time waiting on the line to get treated poorly  again.

I highly recommend that if you do receive an email from Virgin Mobile, or any other company, and in particular when it requires you to enter a username and password, don’t click on a link in the email. Open your browser and enter the web site address. If you do that you can’t be tricked by the scammers.

Kelvin Eldridge

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.