BigPond “Internal Authentication Error” Phishing Scam Email

Outline:
Email purporting to be from Australian Internet Service provider BigPond claims that due to an “Internal Authentication  Error” your account will be deleted and closed within 10 hours. The email explains that you can stop the pending account closure by following instructions included in an attached file.




Analysis:
The email is not from BigPond and the “Internal Authentication Error” claim is untrue.  And, your account is not set to be closed.

In fact, the email is a phishing scam designed to steal your Telstra account login details. If you open the attached file, a seemingly innocuous PDF will open. The PDF has the title “BigPond User Manual” along with some random, non-English text and a generic PDF icon. But, clicking anywhere in the document opens a fake Telstra BigPond login page on a fraudulent website. If you provide your Telstra account login details on the fake page, you will then be automatically redirected to the genuine Telstra website.

Meanwhile, the criminals can use the stolen credentials to hijack your Telstra account.

Telstra and BigPond customers are regularly targeted in such phishing attacks. Be wary of any message that purports to be from Telstra or BigPond and claims that you must open an attachment or click a link to rectify a supposed account issue.





Example:
Internal Authentication ErrorHello User,Inbox and Sent Folders

We will delete & Close Your Account Within 10 hours

You need to confirm this request or we will continue with the request.

If you think it is an error, take action immediately to stop this process.

Download attached instructions manual

Thank You
Bigpond Email 2017

Bigpond Security Service Phishing Scam




Last updated: March 17, 2017
First published: March 17, 2017
By Brett M. Christensen
About Hoax-Slayer

References
PHISHING SCAM – ‘Upgrade Your Bigpond Account’
Bigpond Security Service Phishing Scam
Phishing Scams – Anti-Phishing Information

Leave a comment