Fake Refund Phishing Attacks Target Telstra Customers

With the progression of computer technologies, electronic messages have become a common means of forgery. Spam e-mails spread different kinds of malware and conduct phishing attacks through bogus accounts. Phishing websites copy the user interface of a reliable platform. The e-mail tells users they need to enter their account, tricking them to provide their login credentials. In certain occasions, the bogus message also asks for additional details.

This article aims to warn users about a recent phishing scheme, identified by MailGuard. The scam uses the name of telecommunications company Telstra. The people behind it have somehow managed to obtain the e-mails of over 20,000 of the company’s customers. The concept of the message is the same for every targeted user. It says you have paid your monthly bill twice and tells you how to get your refund.

This kind of notification may not get your suspicion because it is not as alarming as many other spam e-mails tend to be. This is exactly what the cyber criminals aim to achieve. The longer a concept exists, the more people become familiar with it. An e-mail on a crucial matter would sound too unrealistic for the contemporary computer user. A notification on a minor subject causes less suspicion.

The fake e-mail contains all requisites of a legitimate document from Telstra. Even the signature of company executive Gerd Schenkel has been copied. The message tells you about the supposed mistake and gives instructions on how to get your refund. It links to the My Account page of the company’s official website. In actuality, the link takes the user to a duplicate of the My Account portal. The cyber criminals have copied the design to precision.

When entering the bogus platform, you will be asked to provide a lot of details. This should be enough to make you doubt its legitimacy. The standard input you have to enter when handling your account is your login and password. Apart from the credentials for your Telstra account, the phishing website asks you to enter all your credit card and billing address details. It also requests your date of birth.

If the cyber criminals get their hands on all this information, they can drain all your online financial accounts. This would be possible with even less information. The personal data they ask for gives them the opportunity to create fake accounts on your behalf. They can rack up debt under your name. For instance, the cyber criminals can have credit cards issued, take loans and register online financial accounts.

If you have been the victim of this attack, you should notify Telstra immediately. You should also contact the banks which have issued your credit cards and ask to disable them. Another measure is to change your login details for the My Account online portal.

Protecting yourself from spam e-mails can be a daunting task. We can advise you to always be careful about attachments, links and requests for personal information. Whenever an e-mail involves these aspects, check the sender’s data. Make sure he has used an official e-mail account of the represented entity. Check the link source to confirm it leads to an actual panel from the company’s official website.

Leave a Comment

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.