Emmanuel Marshall 25 October 2017 15:37:34 AEDT 3 MIN READ

Alert: Another fake email bill scam impersonating Telstra

 

Breaking security news: Email scam uses fakeTelstra branding to try and ambush recipients

A large run of malicious emails were detected and intercepted by our team. The scam email impersonates an electronic billing notification for Telstra customers and is quite well designed, and hard to distinguish from a real Telstra communication.
The scammers have made an effort to make this email look more legitimate by varying certain details, like the invoiced amount and the sender’s name.

This attack is ongoing, so if you receive an email claiming to be from Telstra today, be very cautious.

Your new Telstra bill - Mozilla Thunderbird_241.png

 

Another Javascript Based Email Attack

Similar to yesterday’s scam involving the fake invoice from a photography company, this email links the unwitting recipient to a hidden Javascript program. Emails of this type can be loaded with all kinds of malware including trojan horses, and spyware.

After clicking on the links in this email, thinking they were going to view their Telstra bill, the victim is directed to a Sharepoint folder containing the Javascript file. Victims might not immediately be aware they had been attacked, but the malware would be installed on their machines enabling the scammers to steal their data and take control of their computers.

Telstra Bill 1183936653.zip _238.png

One way this email can be identified as a scam is by looking at the actual email address behind the “Telstra” sender name. Instead of being real Telstra email addresses, they are from a wide variety of random looking mail domains, such as @sahara-group(dot)com, @stoneacre(dot)co(dot)uk, and @vialagro(dot)com(dot)ar.

Your new Telstra bill - Mozilla Thunderbird_241.png


What to Do if you Get a Scam Email?

If one of these fake Telstra emails reaches your inbox, delete it immediately.

If you are uncertain about the validity of a Telstra email, be sure to check the URL section of the sender's address - that’s the part after the @ symbol  - to ensure it is a legitimate Telstra communication.

Remember…

Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media. If you’re experiencing problems, you can speak to a cloud security specialist on 1300 30 44 30 or email expert@mailguard.com.au.


Avoid Email Scams

MailGuard has successfully protected all our customers from receiving today's fake Telstra email.

Add MailGuard's cloud-based email and web filtering solution to your business security and stop malicious emails entering your network. Click here to get more information about our cyber-security solutions.