Menu
Reply
Highlighted
  • 2
  • 0
  • 0
Marydoll63
Joining in
2,517 Views
Message 1 of 14
Flag for a moderator

Phishing Scam Emails

I've just joined this community today as it seems unlikely that the only Virgin staff that are contactable can answer my query.  (All phone numbers seem to lead to the Philippines and they don't seem to be able to deal with anything much outside of their learnt English script).  My question is:

Does the Virgin company have an email address where we can forward on phishing scam emails that pretend to be from Virgin?

Most reputable companies have a special email address for reporting such matters.  I am hoping that Virgin does have one.  I used to love the Virgin brand, respecting Richard Branson as a businessman.  Now I am highly skeptical of a communications company who fail to be able to communicate with their customers in an appropriate manner.

I received this email today, which looks like a phishing scam to me.  Or is it a genuine Virgin email? They outsource so much work that i would not be surprised if they were using a dodgy company to sign off contracts.  See copy of email here: 

Your revised Virgin Media contract – please sign
 

 

[MOD EDIT: Inappropriate Hyperlink removed, please review the Forum Guidelines]

 

0 Kudos
Reply
  • 9.62K
  • 1.31K
  • 3.94K
Superuser
Superuser
4,337 Views
Message 2 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails

They do have a reporting address for Phishing as set out here: https://help.virginmedia.com/system/templates/selfservice/vm/help/customer/locale/en-GB/portal/20030...

However, if you have recently amended your services with VM then they do send the contract electronically using DocuSign.
_________________________________________________________
Graham
I am a VM customer. There are no guarantees that my advice will work. To say thanks click the kudos thumb. If I have solved your problem please click the helpful answer button.
  • 14.32K
  • 767
  • 5.05K
Superuser
Superuser
4,330 Views
Message 3 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails

Looking at the email it seems a genuine one.

Docusign are a legitimate company who Virgin do use to gather electronic signatures for new or updated contracts.  I'm going to ask that Virgin's @ModTeam obfuscate the link as it will be personal to your contract.  But mousing over it it does appear a genuine link as opposed to a phishing one.

Tim

Edit BTW - there are two things I'd like to point out.

Docusign themselves are not a dodgy company.  In fact they actually have a process whereby customers should be able to view the Contract WITHOUT clicking the link.  Sadly Virgin Media's emails do not include the necessary information to do this, and to be quite frank the way the email is set out, makes me think that they treat their customers like children.

Richard Branson has nothing to do with Virgin Media apart from allowing them to use the Virgin brand in a 13 year licensing deal after he sold Virgin Mobile to NTL/Telewest.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

  • 369
  • 49
  • 173
coenoby
Fibre optic
4,310 Views
Message 4 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails

Hi Mary.

I have taken the initiative to flag your post to the Forum Moderators.

The link in your post leads to your personal details and the contract you have (apparently) just entered into with Virgin.

This is serious!!!!

coenoby

*******************************
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as an Accepted Solution.
  • 3.58K
  • 211
  • 1K
Sololobo
Wise owl
4,285 Views
Message 5 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails


coenoby wrote:

Hi Mary.

I have taken the initiative to flag your post to the Forum Moderators.

The link in your post leads to your personal details and the contract you have (apparently) just entered into with Virgin.

This is serious!!!!

coenoby


Not serious enough as the link is still there an hour later! Smiley Surprised

(Just a thought: Does providing a link in an email communication which gives direct access to private and personal information, without requiring any log in credentials, a potential breach of the Data Protection Act?)




It's What I Do.
I Drink and I
Remember Things.
  • 880
  • 31
  • 167
MrHalfAsleep
Well-informed
4,275 Views
Message 6 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails


Sololobo wrote:
(Just a thought: Does providing a link in an email communication which gives direct access to private and personal information, without requiring any log in credentials, a potential breach of the Data Protection Act?)

Yes!  Massive fines can be levied against VM for doing so.  It needs to be removed immediately.  However, that said, the OP should have removed the link, but as a new user they may be unaware of how to do this and that their details are floating around on a public forum.  Unfortunately the time for editing has passed and a mod will have to edit it out.  It needs to be treated as a matter of urgency.  [edit] I've notified a mod myself.







--
The only winning move is not to play.
No system is 100% secure
Ridicule is nothing to be scared of - Adam Ant
The only thing constant - is change. Chris Evans
The internet is a series of tubes
  • 369
  • 49
  • 173
coenoby
Fibre optic
4,224 Views
Message 7 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails

Just to avoid any possible confusion, my comment 'This is serious!!!!' in my earlier post was in relation to the fact that the OP had unknowingly posted a link to her confidential information on the forum and that it was still there.

As far as I can see, all the evidence points to the fact that the email is completely genuine and not a phishing attempt.

coenoby

*******************************
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as an Accepted Solution.
  • 1.77K
  • 189
  • 542
Superuser
Superuser
4,195 Views
Message 8 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails

Hopefully the forum moderators told the Virgin Media department responsible for sending the email to invalidate the link. To be on the safe side I would also suggest you contact DocuSign to invalidate the link in case Virgin Media have not or are slow to do so.

You may also wish to query with the Information Commissionaire's Office (ICO) whether there have been any failings in the handling of your personal information.

  • 14.32K
  • 767
  • 5.05K
Superuser
Superuser
4,178 Views
Message 9 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails


用心棒 wrote:

Hopefully the forum moderators told the Virgin Media department responsible for sending the email to invalidate the link. To be on the safe side I would also suggest you contact DocuSign to invalidate the link in case Virgin Media have not or are slow to do so.

You may also wish to query with the Information Commissionaire's Office (ICO) whether there have been any failings in the handling of your personal information.


Of course the ICO would need to take into consideration that it was the OP who posted the information in the email in a public forum.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

  • 3.58K
  • 211
  • 1K
Sololobo
Wise owl
4,168 Views
Message 10 of 14
Flag for a moderator
Helpful Answer

Re: Phishing Scam Emails

I have to question the process by which a hyperlink which gives direct access to personal and private information can be included in an email communication and be considered secure.

Two Factor Authentication anybody?

By all means include a link to documentation, but ensure that access relies on the recipient subsequently logging in using a password known only to themselves.

While this particular instance was a result of the recipient inadvertently posting the information themselves, as noted previously not all are aware of the dangers and pitfalls inherent in online communications.

The incident would not have arisen if the original communication had not included an insecure link in the first place.

 




It's What I Do.
I Drink and I
Remember Things.