Be on the lookout for a fake email scam impersonating Telstra which states that your account is ‘Temporarily Limited’ due to ‘An issue with your account.’
In the scam, which contains no payload or attachments, cyber criminals are phishing for account access credentials.
A similar fake Telstra scam was circulating in March using the same email signature details, where cyber criminals listed the name of Telstra’s Executive Director as the sender.
MailGuard has protected customers by blocking this phishing run, however at the time of detection the content was not marked as malicious by any other AV vendor.
Here is a sample of the fake Telstra email scam:
The email suggests the recipient’s Telstra account needs to be fully activated, and contains a link to a compromised website which hosts the phishing site.
Here is a sample of the landing page:
The landing page simply asks for account access details, which then enables cyber criminals to access your account.
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
- Appear to be from a well-known organisation, typically a bank or service provider and are not addressed to you by name and may include poor grammar.
- Ask you to click on a link within the email body in order to access their website. If unsure call the company directly and ask whether the email is legitimate
- Offer money, reward or gift to entice you to hand over your personal details
- Ask you to submit personal information that the sender should already have access to or should not be requesting from you in the first place
Telstra offer a feedback and complaints service where you can report email or phone scams where Telstra are being impersonated.
We recommend that you share these tips with your staff to make them aware of these campaigns. By employing a cloud-based email and web filtering solution like MailGuard, you’ll also reduce the risk of these new variants of phishing from entering your network in the first place.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.
