An email purporting to be from Australian telecommunications company Telstra claims that you are owed a refund due to a billing error and should click a link to log in and claim your refund.
The email is not from Telstra. The promise of an unexpected refund is the bait used to trick you into clicking a link in the bogus message. The link opens a fraudulent website that asks you to provide a large amount of your personal and financial information. This information will be collected by criminals and used to commit credit card fraud and identity theft.
Subject: Refund bill number: 11516383
Refund bill number: 11516383
Dear Customer,
After reviewing our payment server we found the following error, your monthly billing balance was paid in twice (202.42 * 2) an amount of 404.84 AUD. in order to receive your charge back you are requested to visit your account immediately and complete the claim.
Then we will refund you the second charge of 202.42 AUD to your bank account
According to this email, which purports to be from Australian telecommunications giant Telstra, the recipient is owed a refund due to a billing error. The message claims that a recent bill amount was paid twice and instructs the recipient to click a link and submit a claim form for an immediate refund.
However, the email is not from Telstra and the recipient is not owed a refund as claimed. The message is a phishing scam designed to trick Telstra customers into sending their personal and financial information to criminals.
Those who click the link as instructed will be taken to a fraudulent website designed to emulate a genuine Telstra login page. Once they have submitted the account username and password on the fake page, they will be taken to a second bogus page that asks for credit card details, address information and proof of identity.
After supplying the requested information, they will be taken to a third fake page that supposedly confirms that the refund request has been successfully submitted.
Clicking the ‘Finish’ button on the bogus confirmation message will redirect them to the genuine Telstra website.
Thus, victims will likely believe that they have successfully applied for their refund and remain unaware – at least for a time – that they have just been scammed.
Meanwhile, the scammers can collect the information submitted on the bogus website and use it for various criminal activities. They can use the stolen login details to hijack the Telstra accounts belonging to their victims. And, using the other stolen data, they can commit credit card fraud and attempt to steal the identities of victims.
Be wary of any email from Telstra or Bigpond that claims that you must click a link or open an attached file to update billing information, correct an account error or avoid a suspension of service. Telstra customers are regularly targeted via such phishing attempts. If you receive one of these emails, do not click any links or open any attachments that it contains.
The Telstra help files include information about recognising and reporting such scam attempts.
Last updated: November 13, 2016
First published: April 30, 2014
By Brett M. Christensen