Soft2Secure

Telstra email scam on the rise

Telstra email scam on the rise

Online crooks are inventive enough to defraud users of money without having to infect their computers with malicious software. Email hoaxes work wonders for this purpose. One of these large-scale scams revolves around Telstra, the largest telecommunications company in Australia. Rogue bills and refund emails on behalf of Telstra are aimed at duping customers into disclosing their sensitive personal information, including account ID and payment card details.

What is Telstra email scam?

Ever since Telstra Corporation Limited introduced a paperless billing principle, its customers found themselves in the spotlight of ne’er-do-wells’ felonious schemes. In a massive phishing wave circulating for many months on end, scammers have been attempting to trick the company’s clients into handing over their confidential data. The fake email bills look plausible enough for users to take them for granted: they contain the right logo, links to crowd support, live help and 24/7 support via Facebook, as well as technicalities such as the person’s account number. Even more, there is a forged signature of Gerd Schenkel, Executive Director of Telstra Digital Sales and Service. However, one of the giveaways is the non-personalized “Dear Customer” phrase and the absence of currency abbreviation in one spot across the text.

Fake Telstra refund email

The fake notifications may be camouflaged as invoices proper or billing information update requests. The most recent theme of these scam emails has to do with refunding. In particular, they claim that the recipient has paid one of their bills twice due to a charging error. Most of the time, the amount to be allegedly refunded is $202.42, which is per se quite a lure for anyone. The actual wording is as follows, “After reviewing our payment server we found the following error, your monthly billing balance was paid in twice (202.42 * 2) an amount of 404.84 AUD.” In order to receive the excess charge back, the targeted customer is supposed to click the “Log in to My Account” button. Instead of genuine refund processing, though, people are subject to a harsh identity theft in the long run.

Rogue ‘My Account’ page asking for sensitive details

Having clicked on the phony login button, users end up on a spoof web page rather than telstra.com or telstra.com.au. The site itself is designed quite professionally, originally requiring the visitor to enter their Telstra ID and the appropriate password. Be advised any credentials entered at this stage will work, not necessarily one’s real username and password. Alternatively, people get an option of logging in with Facebook. Then, a counterfeit Refund Processing page will open up, asking the victim to type in their name, current email, and such highly confidential data as card type, card number, expiry date, verification code, name on card, credit limit, and OSID (Online Shopping ID) in case it’s a NAB card. For alleged proof of identity, the scammers also require the user’s date of birth. With all this information at their disposal, the fraudsters can easily obtain access to the victim’s bank account, with all the ensuing consequences. When confronted with the Telstra email scam described in this entry, users should never hand over their personally identifiable data and banking information.

Check for viruses distributed via Telstra email scam

The extermination of malicious entities that may accompany the Telstra email scam can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.

1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option

2. The scan will come up with a list of detected items. Click Fix Threats to get probable malware removed from your system.

Posted in: KnowledgeBase

Leave a Comment (0) ↓