The very convincing scam targeting Telstra customers


A new scam has emerged targeting the inboxes of Telstra customers.

The email, which purports to be a Telstra bill, is designed to trick people into clicking on malicious links, according to cyber security firm Mail Guard.

It contains two scams. The first one directs users to a fake Telstra login page before asking for login credentials and credit card details.

 

Cyber security firm Mail Guard said the email appears as a really convincing Telstra email bill (pictured). Source: Mail Guard

If the user clicks the “View Bill” link, they will be forwarded to a phishing page, which collects credit card details and personal data.

Mail Guard also notes that while the website appears convincing, part of the URL reads “csaonline.com”, a US website with no link to Telstra.

A second scam involves malware, with the “View Bill” option redirecting users to a malware website registered in China.

This site, reached via a redirect from the scam email, will steal users’ credit card info. Source: Mail Guard

According to Mail Guard, while the display name on this message is “Telstra Email Bill”, the malware link is being sent from a range of email addresses at unrelated domains.

The firm described the scam emails as a form of “brandjacking”, in which criminals use email templates that make messages look as though they were sent by big companies.
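The mismatch Mail Guard describes, a Telstra display name on a message whose sender address and bill link do not belong to Telstra, can be checked mechanically. The following Python is an added example, not code from Mail Guard or Telstra; the allow-listed domains, the function names and the sample message (with example.net and example.org as placeholders) are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains the brand really sends from and links to (not from the article).
BRAND_DOMAINS = {"telstra": {"telstra.com", "telstra.com.au"}}

# Constructed sample message; example.net and example.org are placeholders.
SAMPLE = """\
From: Telstra Email Bill <noreply@example.net>
To: customer@example.com
Subject: Your Telstra bill is ready
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Your bill is ready.</p>
<a href="http://telstra.com.au.billing.example.org/login">View Bill</a>
<a href="https://www.telstra.com.au/help">Help</a></body></html>
"""

def under(host, domains):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def brandjacking_findings(raw):
    """Flag a brand named in the display name that the sender or links do not belong to."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2]
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in display.lower():
            continue  # display name does not claim this brand
        if not under(sender_domain, domains):
            findings.append(("sender", sender_domain))
        # Handles a single-part HTML body only, as in the sample above.
        body = msg.get_payload(decode=True).decode("utf-8", "replace")
        for url in re.findall(r'href="([^"]+)"', body):
            host = urlsplit(url).hostname or ""
            if not under(host, domains):
                findings.append(("link", host))
    return findings

if __name__ == "__main__":
    for kind, value in brandjacking_findings(SAMPLE):
        print(f"{kind} outside brand domains: {value}")
```

The suffix comparison in `under` is what catches a link host that merely starts with the brand's domain while actually belonging to another registrant.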


If you think you have been a victim of a cyber scam, consider filing a report with the Australian Cybercrime Online Reporting Network at https://www.acorn.gov.au.

If you provided any details of your financial accounts, contact your bank immediately and monitor your accounts closely.

Also, be sure to change your passwords to new, more secure ones, preferably with a combination of numbers and letters.