Links

Ben Laurie blathering


O2 Like Phishing

They must do, or they wouldn’t do stupid things like this.

I got an email, looking just like this

We’d like to say ‘thanks’ for being a great customer by offering you either a FREE Pay Monthly handset upgrade OR £100 credit added to your account – provided you haven’t recently upgraded†.
And it couldn’t be easier. All you have to do is renew your contract with O2 before 31st August 2006.
If you choose to renew your contract for 18 months, rather than 12 then there’s even more on offer:
  • If you prefer to talk we have a range of Talker plans with Double Minutes each month*. For example, on an Online 500 Talker plan you’ll get 1000 minutes and 150 messages each month for £35.
  • If you prefer to text we also have a range of Texter plans which offer 50% Extra Minutes and Texts each month*. For example, on an Online 500 Texter plan you’ll get 750 mins and 750 messages each month for £35.
To see our full range of handsets and offers and to renew your contract, click here.
And thanks again for choosing O2 .
† The information used in this mailing is based on your contract status as at 30th April 2006. Unfortunately, if you upgraded after this date your new contract means you won’t be eligible for these offers. Terms and conditions apply. *Offer subject to ongoing connection to eligible tariff see letter for details. Promotional allowances must be used within the month. Unused allowances cannot be carried over into subsequent months.

OK, I removed some maybe-identifying data from the link, but you’ll notice the link goes to www.o2-mail.co.uk. “Oho”, says I, being a suspicious sort, “that’s not O2’s website, I wonder who managed to register it?”

$ whois o2-mail.co.uk

Domain name:
o2-mail.co.uk

Registrant:
Vertis

Registrant type:
UK Individual

Registrant’s address:
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.

Registrant’s agent:
MCI Worldcom Ltd [Tag = UUNETPIPEX]
URL: http://www.uk.uu.net

Relevant dates:
Registered on: 01-Aug-2003
Renewal date: 01-Aug-2007
Last updated: 04-Aug-2003

Registration status:
Registered until renewal date.

Name servers:
ns0-o.dns.pipex.net
ns1-o.dns.pipex.net

Hmmm, a non-trading individual who wants to renew my phone contract, eh? Think I’d better check that out – but what a shame, http://www.uk.uu.net doesn’t actually resolve, so looks like I’m not talking to them. And, oh dear, Nominet are closed until Monday, so that avenue is out, too.

The mail itself, incidentally, purports to come from o2-email.com, a domain which they didn’t even bother to register.

So, fearing nothing, I clicked on the link – which redirects me to http://www.o2renew.co.uk/. Here we go again.

$ whois o2renew.co.uk

Domain name:
o2renew.co.uk

Registrant:
AIS Group Ltd

Registrant type:
UK Limited Company, (Company number: 3561278)

Registrant’s address:
Berners House
47-48 Berners St
London
W1T 3NF
GB

Registrant’s agent:
Global Registration Services Ltd [Tag = GRS]
URL: http://www.globalregistrationservices.com

Relevant dates:
Registered on: 14-Apr-2005
Renewal date: 14-Apr-2007
Last updated: 27-Jul-2005

Registration status:
Registered until renewal date.

Name servers:
ns25.worldnic.com
ns26.worldnic.com

At least this has an address, if I could be bothered to follow up, which I can’t, but this all looks a bit fishy. To compound the fun, I also got a text on my mobile with the same offer, but anyway, I phone O2 customer services. They explain that this cannot possibly be O2, it must be one of their “marketing partners” who will, if I fill in the form, renew my contract with O2, but via them. And, presumably, or maybe not, give me a new phone. I ask where they got my email address and phone number, and the answer is that at some point I left a box ticked that said it was OK for partners to send me stuff.

So, do O2 condone this practice, I ask? The answer is, apparently, that they do. They don’t even mind, it seems, that the website has O2 branding on it.

If O2 is going to allow people they have contractual relationships with to do this kind of thing, how on Earth do they expect consumers to learn what is phishing and what is not?

1 Comment

  1. […] In this post, Ben Laurie shows just how hard the current identity patchwork (read “architectural black hole”) makes it to know what is going on – even if you’re one of the top Internet security people in the world, as Ben is.  […]

    Pingback by Kim Cameron’s Identity Weblog » O2’s FREE monthly handset teaches how to be phished — 28 Jul 2006 @ 22:53

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress