ESET Ireland is warning about the latest phishing scam, targeting Eir customers.
A poorly spelled email pretending to come from Eir is trying to catch the Irish unaware, claiming there’s a problem with Direct Debit payment and threatening to suspend their “eir Broadband and eir TV services within the next 24 hours”
Subject: eir Unable to retrieve payment for your latest bill
Dear nod32
Your bank has let us know that there isn’t a valid Direct Bebit instruction set up between eir and your card number xxxx-xxxx-xxxx-xxxx (not shown for security purposes).
We were unable to retrieve payment for your latest bill with the payment method that we have on file. Therefore, we will suspend your eir Broadband and eir TV services within the next 24 hours.
To prevent this from happening, you need to update your payment method with us.
Go to eir Funding your Eircom Payments and provide us with a valid payment card in order to continue using our services.
We apologize for any inconvenice this may have caused.
Thank you for using eir.
The link provided in the email leads to a fraudulent landing page (screenshot 1), registered in Florida, USA, which requires the user to fill in all their personal and payment card info, then it continues to another page which requires the victim to fill in their Verified by Visa password or MasterCard SecureCode (screenshot 2). After handing their payment card and password details to the cybercriminals, the victim is returned to the official Eir website.
Eir’s official website has a small notification about them being aware of phishing campaigns, but the link with “further information” provided in it, unfortunately, leads nowhere.
ESET Ireland therefore recommends to people receiving these fraudulent emails, to delete them and not click on the links in them, and to contact their Eir representative directly in case they’re worried about their payment details.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.