O2 and Vodafone customers are at risk from scammers. They are being targeted by a cruel email campaign, which aims to empty their bank accounts.
Action Fraud is warning customers that the scammers have personalised the emails, to make them seem more realistic, and alerting people not to be duped.
See also: The bizarre piece of ransomware that forces you to play a game
See also: Scamwatch: Nintendo gamers targeted
See also: Stop! It's not a tax refund. It's a scam!
The scammers send emails, featuring the logos of the brands, and claiming to be the monthly bill - for an eye-watering sum of over £200. They then direct customers to check their bill online - which they assume people will do in order to see where these huge charges have come from.
If you are fooled into clicking on the link, they will download malware to your computer. This is rogue software that monitors when you are visiting financial websites, like online banking. They then record your passwords and PINs, and send them back to the scammers - who are then free to empty your account.
Customers have taken to social media to share pictures of the scam emails in an effort to raise awareness. So a quick search of Twitter can call up some examples of the scam emails - like the one pictured.
The O2 scam reads: "Now you have your bill for 04/04/17 been ready." It adds: "We will take it away from your account at the payment day, or a bit after", and "to watch your latest bill online anytime." Similarly one version of the Vodafone scam reads: "Please, have Your latest Vodafone bill already performed for the payment."
Some versions of the Vodafone scam are less obviously incorrect, but include the kind of sentence construction that might be produced by an online translator rather than an English speaker. One reads: "Your latest Vodafone bill is ready for you to receive it online."
The other giveaway is that while they are spoofed to look like the email is coming from an official site when you see it in the list of emails, when you hover over the address, or right-click it, you can see the real address is something far less recognisable.
As a general rule, it's worth being particularly wary about emails from a source you don't know personally, especially when you are asked to click on a link - or where you are prompted to install something onto your computer.
You should also assume the worst if an email asks your username or password, because providers would not normally ask for this information by email under any circumstances.
If you are concerned it may genuinely be from your mobile phone company - or anyone else you receive services from - then do a separate online search for their contact details from a reliable source, and call them to check the details of your account.
And finally, it's well worth paying for online protection from anti-virus software, which will scan anything that tries to download itself to your computer, and reject malware. Don't forget to regularly check the website of your chosen virus software, however, and download any updates, so you are protected against any newly-developed viruses.