Akankasha Dewan 15 October 2019 16:41:13 AEDT 3 MIN READ

Scam Alert: Phishing email spoofing Telstra uses ‘$500 gift card reward’ to trick users

MailGuard has discovered a phishing email scam that is targeting inboxes across Australia.

First detected today, the 15th of October afternoon (AEST), the scam purports to be from Telstra and masquerades as a notification from the telecommunications giant.

Using a display name of 'Telstra' with a domain to match, the email actually originates from a single forged email address. It is titled ‘$500 Citibank Visa prepaid gift card reward’. The email’s body incorporates the Telstra logo and branding and advises the recipient that they need to claim their gift card reward before ‘18/10/2019’. A ‘claim link’ is provided for recipients to click on to access their gift card.

Here is a screenshot of the email:

Telstra Phishing Email Social_1510

Unsuspecting recipients who click on the link to claim their award are redirected to a second URL which simulates a Telstra login page, as per the below:

telstra phishing page 1510

This is actually a phishing page designed to harvest confidential details users. When the user inserts their login credentials, they are then led to a blank page, which is probably meant to simulate a slow connection or unreachable destination.

telstra blank page

MailGuard urges email users to think twice before clicking any type of attachment or link in an email if they’re uncertain of its legitimacy.

Cybercriminals behind this scam use several elements within the email body to convince recipients that it is a legitimate notification from Telstra. These include employing high quality graphical elements such as Telstra’s branding in the emails and in the login page. A key feature is the inclusion of detailed delivery instructions in the email, informing users that they will need to verify their identity when they are claiming their reward and that ‘a signature is required for collection’.

These instructions boost the credibility of the email as these are common safety features that recipients are likely to expect from legitimate notifications from Telstra.

Telstra, by its large database and established brand credibility, is an ideal company to spoof by cybercriminals as it widens their victim pool.

Telstra’s website offers this advice to their customers on how to recognise and avoid email scams:

  • Never trust emails that ask for personal details
  • Think twice before giving personal details online - instead, contact the sender using their publicly available contact details
  • Visit trusted websites via their URL, rather than clicking a link in the email
  • Only provide financial details on secure websites
  • Use a spam filter to help block unsolicited and hoax emails

MailGuard urges all recipients of this email to delete it immediately without clicking on any links.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

One email

Cybercriminals use email scams to infiltrate organisations with malware and attack them from the inside. All criminals need to break into your business is a cleverly-worded message. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.

Talk to a solution consultant at MailGuard today about securing your company's network. 


Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.

Keep Informed with Weekly Updates