Scammers get pretty creative with their campaigns by making them appear to be legit and something that the target users need. One example is the fake security update notifications that are targeting mobile network provider O2's users.
The scam is circulating via emails (that read extremely badly, by the way) that ask users to install an update to safeguard their online usage. Ironic that they're the ones who are actually hell-bent on exploiting the user's privacy.
ITPro has intercepted a couple of these emails, which read:
As part of ongoing upgrade, have introduced a new internet security into our online services to protect all our users information. We endeavour all our user's to protect their account by clicking on the link below.
The link directs to a site that asks users for all sorts of personal information. In short, it's a phishing scam and it seems like the ones behind it are pulling the old bait and switch: baiting users with a promise of a security update while actually carrying out a phishing scam.
O2 is aware of the emails and have advised their users to avoid clicking onto the links in the email for their own privacy.