Leveraging the large telco's brand and again focusing on online billing, this time the scam is not as well executed. It contains significantly more formatting and grammatical errors and, importantly, this time it does not come from the @online.telstra.com domain.
Earlier this week we saw a similar online bill payment scam targeting Australian inboxes.
As in previous attacks, the email and landing pages used in this scam are almost identical to the legitimate Telstra website, making it difficult for recipients to distinguish the fraud.
Here is a sample of the most recent phishing email:
In this attack the cybercriminals claim the last bill payment was not received, and the recipient is asked to pay their bill and update their payment details online. MailGuard has identified and blocked this new phishing scam variation, which appears to be signed by a legitimate Telstra executive, Gerd Schenkel, Executive Director of Telstra Digital.
One clue to the fraud is that this email is not personally addressed to the recipient but instead addresses them as 'Customer', which is one of the first signs of a scam.
Clicking the URL takes the email recipient to the fake login page which is hosted on a compromised legitimate website.
The second landing page asks for personal details and credit card details, giving cyber criminals access to the victims’ funds and enough information to engage in identity theft.
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
- Appear to be from a well-known organisation, typically a bank or service provider, are not addressed to you by name, and may include poor grammar.
- Ask you to click on a link within the email body in order to access their website. If unsure, call the company directly and ask whether the email is legitimate.
- Offer money, a reward or a gift to entice you to hand over your personal details.
- Ask you to submit personal information that the sender should already have access to, or should not be requesting from you in the first place.
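The checklist above can be turned into a simple triage script. This is an added example, not MailGuard's code: it parses a constructed sample email and reports which of the post's indicators it trips. The page states that genuine Telstra billing mail comes from @online.telstra.com; treating telstra.com and its subdomains as the only legitimate link hosts is an assumption, and the sender address and link host in the scam sample are constructed placeholders.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

LEGIT_SENDER_DOMAIN = "online.telstra.com"   # stated on the page
LEGIT_LINK_DOMAIN = "telstra.com"            # assumption: brand's web domain
GENERIC_SALUTATIONS = ("dear customer", "dear valued customer", "customer,")


def _in_domain(host: str, domain: str) -> bool:
    """True if host is domain itself or a subdomain of it."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def phishing_indicators(raw_email: str) -> list:
    """Return the checklist items from the post that this message trips."""
    msg = message_from_string(raw_email)
    findings = []

    # 1. Sender domain: the scam mail did not come from the brand's real domain.
    m = re.search(r"@([\w.-]+)", msg.get("From", ""))
    if not m or not _in_domain(m.group(1), LEGIT_SENDER_DOMAIN):
        findings.append("sender not from legitimate domain")

    body = msg.get_payload()   # plain-text, single-part message assumed
    first_line = body.strip().splitlines()[0].lower() if body.strip() else ""

    # 2. Generic salutation instead of the recipient's name.
    if any(first_line.startswith(s) for s in GENERIC_SALUTATIONS):
        findings.append("generic salutation, not addressed by name")

    # 3. Links whose host is outside the brand's domain (e.g. a compromised site).
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        if not _in_domain(host, LEGIT_LINK_DOMAIN):
            findings.append("link to non-brand host: " + host)

    # 4. Requests for payment or personal details the sender should already hold.
    if re.search(r"credit card|card number|password|update your payment details", body, re.I):
        findings.append("asks for payment or personal details")
    return findings


# Constructed sample modelled on the scam described in the post.
SAMPLE_SCAM = """\
From: Telstra Billing <billing@example-mailer.net>
Subject: Your last bill payment was not received

Dear Customer,
Your last bill payment was not recieved. Please update your payment details
online at http://compromised-site.example/telstra/login to avoid disconection.
"""

if __name__ == "__main__":
    for finding in phishing_indicators(SAMPLE_SCAM):
        print("-", finding)
```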
Forward any suspicious emails to your IT and security teams so they can assess them on your behalf. Telstra also offers a feedback and complaints service where you can report email or phone scams in which Telstra is being impersonated.
We recommend that you share these tips with your staff to make them aware of these campaigns. By employing a cloud-based email and web filtering solution like MailGuard, you'll also reduce the risk of new phishing variants like these entering your network.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.