Fake account suspension email notifications from BigPond are aimed at defrauding users of their personally identifiable information, including financial details. Having originally started several years ago, this hoax is on the rise again as of April 2017. Unsuspecting BigPond customers are misinformed of allegedly incorrect billing information and instructed to update it via a rogue Telstra account dashboard.
What is the BigPond phishing scam?
BigPond is a brand name associated with Telstra Corporation Limited, Australia’s biggest telecom and media services provider. Since May 2016, this branding has been used to denote a movie service only, with the rest of the features transferred into the domain of Telstra, the parent organization. Although the implications have narrowed down considerably, online scammers keep targeting BigPond customers with tricky phishing emails. A recent wave of this fraud revolves around deceptive messages that try to dupe users into thinking their personal account information needs to be refreshed to prevent suspension.
These misleading emails look like they are sent from the service provider’s official address, such as firstname.lastname@example.org. This, however, is a trick backed by malicious techniques like email spoofing, so the sender’s actual email address can be arbitrary but appear to come from a reputable source. One way or another, people tend to perceive such notifications as genuine and take them seriously. The body of the messages goes,
Dear BigPond Customer,
Telstra BigPond is sending this e-mail to inform you that our service to you could be suspended. This might be due to one of the following reasons:
1. You have changed your billing address.
2. You have submitted incorrect information during the payment process of your bill.
3. Your credit/debit card has expired.
4. You have not updated your BigPond profile.
To ensure that your service will not be interrupted, we request confirmation and update of your billing information now by clicking the following link: [rogue URL].
Overall, the text appears to be professionally tailored. There are several little giveaways, though. First of all, neither BigPond nor Telstra will ever reach out to their customers on such a serious matter via email only. Secondly, the message contains a few punctuation and extra spacing errors that the official company wouldn’t make – however, not many recipients notice them. Eventually, if the targeted user follows the embedded link, they end up on a counterfeit My Account page. It requests sensitive details, including the client’s credentials with Telstra as well as the credit card number, card expiry date, verification code, name on card, and OSID (Online Shopping ID) for NAB card.
It doesn’t take a rocket scientist to understand that this data may suffice for cybercriminals to steal funds from the victim’s banking account. This is why it’s highly recommended to refrain from submitting any confidential information via a page linked-to from phony BigPond suspension emails. It’s worth mentioning that these messages may also contain malicious attachments. When opened, such files will instantly initiate the infection chain. The malware delivered this way may turn out to be ransomware, which will encrypt all files on the hard drive along with network shares and demand Bitcoins for decryption. So, again, do not click on links or open attachments that go with emails impersonating BigPond or Telstra. In case you already did, follow the steps below to make sure no viruses have been deposited on your computer by means of this hoax.
Check for viruses distributed via BigPond email scam
The extermination of malicious entities that may accompany the BigPond email scam can be efficiently accomplished with reliable security software. Sticking to the automatic cleanup technique ensures that all components of the infection get thoroughly wiped out from your system.
1. Download recommended security utility and get your PC checked for malicious objects by selecting the Start Computer Scan option
2. The scan will come up with a list of detected items. Click Fix Threats to get probable malware removed from your system.