The BBC TV license has been in and out of the news headlines over the last few months. Now, it is back onto The Defence Works headlines as, yet again, the BBC Scam email drops into our inboxes. Earlier this year, we wrote about a similar BBC based scam. That scam was based on the use of the BBC, TV Licensing, brand to phish the recipient.
This week’s scam is another BBC branded email which looks like this:
The TV Licensing Scam Email
If you are a regular reader of this blog, you’ll know that phishing emails are often branded to look like a well-known company. The BBC and its associate organisation, TV Licensing, is one such brand that is known in the UK. This makes the BBC a perfect target brand for the fraudster to spoof and use as bait.
The scam email we received looked like it was from “TV Licensing”. But the underlying email address was poorly disguised and showed “firstname.lastname@example.org” on scrutiny.
The TV Licensing scam email was branded in the TV Licensing colours and formatting to make it seem legitimate. However, the image was not displayed correctly.
The email content discussed how the recipient’s direct debit, set up to pay the license fee, had been declined. The scam email also made threats that if not paid immediately, the TV owner would become “unlicensed” and a debt collection agency informed.
What Happens if you Click the Links?
In recent scam email campaigns discussed in this blog, the entire email content was presented as a linked image; this increases the likelihood of accidental clicks. However, the TV Licensing scam email contained only two links, one linked to the non-displaying image, the other to a button “Renew Your License Now!” Both links, on clicking, took the email recipient to the same URL.
On clicking the link, you get taken to a phishing website. The website looks exactly like the TV Licensing website where you would set up an account and add a direct debit.
In this case, the website is not infected with malware.
Instead, the fraudsters in this phishing scam want to collect your data, and in particular, bank details. The spoof site behind this scam does just that. On analysis by Kaspersky, the site was shown to be a known phishing site that steals personal data.
When we last reported on a TV Licensing scam email campaign earlier this year, the result was a loss to consumers of £830,000. It is important that when you enter data into a website you are sure it is the real site and not a spoof; ideally, type or copy/paste the known URL of the website in question directly into the browser.
NOTE: you can no longer trust the HTTPS at the front of a web address. In a recent report by the Anti-Phishing Working Group (APWG) they found that almost 60% of spoof sites used HTTPS.
Why not help your colleagues stay safe and send them this little reminder. Feel free to edit, copy/paste the advice below:
TV Licensing Phishing Scam
If you receive an email from TV Licensing may be a scam. The email states that the direct debit for your TV license has failed and you must click a link to reactivate it.
DO NOT CLICK ANY LINKS IN THE EMAIL IT IS A SCAM
If you do click the link, you will be taken to a spoof site which looks exactly like the TV Licensing website. If you enter data into this site it will be stolen by a cybercriminal.
For more information on what to do if you receive a phishing email check out “What to Do if You Click on a Phishing Link?
Don’t forget to share this with your colleagues and friends and help them stay safe.
Let’s keeping breaking scams!