Broadband ISP Virgin Media UK Sees 285 Percent Rise in Phishing Threats
Broadband, phone and TV provider Virgin Media (O2) and their security partner, Akamai, have this morning warned that they’ve seen a 285% rise in phishing attempts this year. This figure has jumped to a huge 232,365 average new phishing threat entries to their threat intelligence feeds each day between April to June 2025.
Phishing typically reflects the fraudulent use of legitimate / trustworthy business or personal images (brands) that have been designed to fool users into entering their personal, financial or security information (scammers sending you fake bank emails etc.). This data is then stolen and abused by the fraudsters.
As part of its ongoing ‘Swerve the Scammers’ campaign, VMO2 has continued to invest in new tools and technologies to keep customers safe online. This year, the company has blocked over 600 million scam messages so far and rolled out AI-powered scam call detection to flag potentially fraudulent calls to customers before they even pick up the phone.
Advertisement
Take note that all Virgin Media customers receive their Essential Security software as standard to help fight phishing scams, viruses and to provide other protections. Customers can optionally add Advanced Security, for three months free via a trial, or pay £3 monthly or £30 annually, which offers on-the-go protection in and out of the home. The ISP also offered a few security tips.
Virgin Media’s Security Tips to Avoid Phishing Scams
1. Be sceptical of unexpected messages: If you receive an email, text, or call out of the blue, especially one asking for personal or financial information, pause and think. You can act as an additional layer of security yourself. Scammers often pretend to be from trusted organisations like banks, supermarkets, HMRC, or even the NHS. If you’re unsure, don’t click any links or give out personal details. Instead, apply caution and contact the organisation directly using a verified number on its website to verify the request.
2. Check the sender carefully: Phishing messages often use email addresses or phone numbers that look almost legitimate. Look for misspellings, extra characters, or generic greetings like “Dear customer.” If something feels off, it probably is. Keep an eye out for the below examples.
- “Lookalike” characters from non-Latin character sets, for example virginme~diạ.com
- Typos that evade a quick glance, i.e. Virgenmedia.com
- Domain name links that contain lots of extra info at the end such as Virginmedia.com.winner.ru
- Different top-level domain “.xyz” is NOT the same as “.com” i.e. virginmedia.xyz
3. Never share sensitive information: No genuine organisation will call you and ask to confirm your PIN, password, or bank details via email, text, or phone. If you’re being pressured to act quickly or share private info, it’s a red flag.
4. Use strong security tools: See if any extra security comes with your broadband package. All Virgin Media customers get Essential Security, software that fights against phishing scams, as standard. On top of this, customers can also add Advanced Security, for three months free via a trial, or pay £3 monthly or £30 annually, which offers on-the-go protection in and out of the home. In addition to security software, where possible, enable two-factor authentication (2FA) to add an extra layer of protection to your devices, even if your password is compromised.
5. Report and Get Help: If you think you’ve received a phishing message, report it. In the UK, you can forward suspicious emails to report@phishing.gov.uk, and report calls and texts to 7726 (free on any network).
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and Linkedin.
« Major UK Pension Funds Commit £40m to Improve Rural Broadband UPDATE
Advertisement
Leave a Reply
Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message and display names can be almost anything you like (provided they do not contain offensive language or impersonate a real persons legal name). By clicking to submit a post you agree to storing your entries for comment content, display name, IP and email in our database, for as long as the post remains live.
Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.
Too many stupid sites come with rubbish adverts, spyware, malware! That’s the trouble even worse with too mamy sites with GDPR with some of it no option out!
I have used report@phishing.gov.uk many times and yet the same spam emails still appear many months later despite reporting them repeatedly over that time. Same subject, same sender. I’ve stopped reporting, it’s a sop, no-one is listening.
It’s rather old fashioned and a bit of manual work to get the email headers, but I’ve found reporting things to spamcop.net in the past has usually been a good tool to inform the network and email administrators that accept reports from Spamcop, that abuse is occurring on their platform.
Luckily I haven’t had an spam for phishing messages for over a year and even the one time I did receive one, it was sent to the ‘Junk’ folder.