In anticipation of a large-scale campaign, MailGuard have identified and blocked a new phishing variant purporting to be from the telco giant, Telstra.
MailGuard CEO Craig McDonald commented that "this new Telstra scam appears to be a targeted attack by cyber criminals testing the effectiveness of their new approach. Typical of these threats, if successful, a more widespread campaign is likely to follow."
The email purports to be from Telstra with the subject line ‘Your are eligible to receive a tax refund’. The fact that a company such as Telstra would send emails with an obvious typo is the first indication the email should be treated as suspicious. Secondly, the email has not been personally addressed to the recipient and rather addresses them as ‘Customer’.
Cyber criminals also sign off the email from Gerd Schenkel, Executive Director Telstra Digital who is an actual employee of Telstra.
The email claims that the recipient is entitled to a Tax Refund, yet in the email the copy the scam suggests an invoice was paid twice, as the reason for offering a refund.
Hovering over the link where it says ‘Click here to complete your form’ shows the URL contains ‘support-canada’ which is not a Telstra owned domain.
Clicking the link, users are directed to a fake Telstra ‘My Account’ landing page which appears to be a legitimate Telstra site other than the use of the old Telstra logo. The form asks for sensitive personal and banking information, giving cyber criminals access to your credit card number, and other personal details which can be used to create a fake identity and impersonate the victim: identity theft.
"Cyber criminals are banking on the element of surprise. It only takes minutes for an attack to be executed so mail users need to be alert to these threats. Every minute matters, and updates to traditional anti-virus software can take hours or even days, leaving users vulnerable," said McDonald.
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
- Appear to be from a well-known organisation, typically a bank or service provider and are not addressed to you by name and may include poor grammar.
- Ask you to click on a link within the email body in order to access their website. If unsure call the company directly and ask whether the email is legitimate
- Offer money, reward or gift to entice you to hand over your personal details
- Ask you to submit personal information that the sender should already have access to or should not be requesting from you in the first place
Telstra offer a feedback and complaints service where you can report email or phone scams where Telstra are being impersonated.
We recommend that you share these tips with your staff to make them aware of these campaigns. By employing a cloud-based email and web filtering solution like MailGuard, you’ll also reduce the risk of these new variants of phishing from entering your network in the first place.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.
