Be on the lookout for a fake email scam impersonating Telstra which states that your account is ‘Temporarily Limited’ due to ‘An issue with your account.’
In the scam, which contains no payload or attachments, cyber criminals are phishing for account access credentials.
A similar fake Telstra scam was circulating in March using the same email signature details, where cyber criminals listed the name of Telstra’s Executive Director as the sender.
MailGuard has protected customers by blocking this phishing run, however at the time of detection the content was not marked as malicious by any other AV vendor.
Here is a sample of the fake Telstra email scam:
The email suggests the recipient’s Telstra account needs to be fully activated, and contains a link to a compromised website which hosts the phishing site.
Here is a sample of the landing page:
The landing page simply asks for account access details, which then enables cyber criminals to access your account.
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
Telstra offer a feedback and complaints service where you can report email or phone scams where Telstra are being impersonated.
We recommend that you share these tips with your staff to make them aware of these campaigns. By employing a cloud-based email and web filtering solution like MailGuard, you’ll also reduce the risk of these new variants of phishing from entering your network in the first place.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.