Daniel McShanag, 04 September 2017 16:13:07 AEST

Fake Telstra Email Bill scam delivers malware to your inbox

Earlier today malicious emails began targeting Australian inboxes in the form of fake Telstra email bills. In a twist, the emails claim ‘Good news – your account is currently in credit, so no payment is required at this time.’ 


When curious recipients click through on ‘Your new Telstra bill is attached by link’ they inadvertently initiate the download of a malicious file. Australians are warned to be cautious, and think twice before they click.

Unsuspecting users can easily mistake the fraudulent emails for the real thing, with many of the logos, links and other design elements replicated from an authentic bill.

The amount that each account is in credit is typically in the hundreds of dollars, with the amounts randomised so that they’re different on each of the fraudulent bills.

[Image: Opening document_942017.zip_083.png]

The email scam began around 7:30am AEST and continued until early afternoon, with the last email detected shortly after 1pm AEST.

To further customise the scam, the account number is also randomised so that it is different on each of the fraudulent bills, as is the sender, with the email coming ‘From’ different email addresses and display names.

Telstra.com.au/Support offers these suggestions to help protect personal information:

  • Never trust emails that ask for personal details
  • Think twice before giving personal details online - instead, contact the sender using their publicly available contact details
  • Visit trusted websites via their URL, rather than clicking a link in the email
  • Only provide financial details on secure websites
  • Carefully choose and change passwords regularly
  • Read the privacy policies of websites and apps you use
  • Upgrade your device's security software or apps
  • Use a separate email account for subscribing to online services and groups
  • Use a spam filter to help block unsolicited and hoax emails

The telco also offers this advice if you do receive a suspicious email:

  • Don't click links or reply
  • Don't provide any personal information
  • Don't open any attachments
  • If you click an email link which opens a website, don't enter any personal information
  • Report it. If the suspicious email claims to be from Telstra (or BigPond), submit a Misuse of Service form and include a copy of the email as an attachment to the form (not by forwarding), so the original information stays intact. Our security team will investigate the report and may take action against the scammer. You can also report the incident to ACCC SCAMwatch
  • Delete the email as soon as possible
  • If you've already provided personal or banking details to a scammer, contact your bank or financial institution immediately (using their publicly available details, not the ones in the email you received) and monitor your bank statements for unauthorised transactions. If you've provided account information, change any passwords you may have disclosed for your account
  • If you've already saved or clicked on an attachment, update your anti-virus software and run a complete scan of your computer. Repeat the anti-virus update/scan process again over the next few days. You may also wish to update any online passwords stored on your computer in case they've been accessed.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email entering your network.
