I fell for a fake O2 scam text and logged into their fake site with my real O2 credentials and typed in my card details but did NOT press send. I deleted my details from the text fields, closed the site immediately and changed my O2 password. I’ve since frozen my Monzo card too. Could they have read what I typed in without pressing enter?
Have I done enough, or do I need a new Monzo card? Monzo’s in-app chat will probably take the usual 24-36 hours to get back to me, and I don’t want to wait.
They can read it as you type if they’ve programmed it well.
I would cancel the card to be safe.
1 Like
I’d order a new card to be safe. The text fields could well have sent data on keystroke, rather than on form submit.
You should be able to order a new card without contacting support.
2 Likes
Replacing your card seems like a sledgehammer on a nut issue here.
I mean, you could tell us the scam URL you went to, and people with actual web programming knowledge would be able to look at it and tell you if you have anything to worry about. Frankly scam log in pages are rarely more than a post form in my experience.
1 Like
If you logged in with a username and password you use on other sites, you should go change those too as you submitted that form.
2 Likes
If you post the link I could have a look if it was live sending,
But for peace of mind just replace the card I would say, you can do that your self in the app, now that it’s frozen there should be an option to order a replacement instead of the freeze button.
2 Likes
Quick question. I need to preferably use the card today. Can I unfreeze it and use it safely? Or is it that any previously failed transaction/s by the scammer will go through in those 30 seconds?
You’ll be fine, unless a fraudulent transaction is attempted exactly within that 30 second window.
1 Like
That’s the dodgy link for those wanting to have a look.
Chrome doesn’t like that!
Edge doesn’t mind it.
I’d probably redact the link just in-case someone who’s not so tech-savvy doesn’t click it and try to login. You never know.
1 Like
I used my email address… but I’ve changed that password. It was a randomly generated one. All of mine are.
1 Like
I’m just getting 404 on mobile
I would ring o2 and cancel your card asap - Mostly every single letter typed gets sent depending how it’s been coded
1 Like
I’m getting 404 - it seems like it was a temporary disposal url which was set up just for one person. I did some random testing and it looks like the 710 number in the url is the 710th link such as you’re the 710 person who got a text so they know who clicked on it and stuff
710 is part of the domain name, that means they would be setting up a new domain for each text which I’ve never seen before.
I think they are setting up a new domain for each scam, the site was registered today,
Although that IP has had other domains like o2[.]uk[.]bill553[.]com registered to it.
You’ve done the right thing ordering a new card, job done 
It might be worth letting O2 know about the problem too - if they have your mobile and your email - they could target you with a sim swap scam:
2 Likes
Seems to be registered to a Malaysian web hosting company.
https://www.ip-tracker.org/locator/ip-lookup.php?ip=111.90.149.79
There’s an abuse email on their website, I’ll send one off.
2 Likes