Customers of Australian telco Telstra are again being targeted via a fake bill notification email.
The email, which is professionally presented and features Telstra logos, graphics and formatting, claims that your new Telstra bill is attached. The email includes links that you can click to pay the supposed bill.
Despite its appearance, however, the email is not from Telstra. It is a phishing scam designed to steal your personal and financial information.
A Nine News Report on the phishing attack notes:
The email uses the display name “Telstra Team” and has been formatted to look like an authentic bill from the telecommunications company, with an account and bill number, multiple links and branding that mimics Telstra’s.
Clicking any of the links opens a fraudulent website that asks you to login with your Telstra email address and password. Next, you will be instructed to complete a payment form that asks for your name and contact details, your credit card numbers, and other identifying information.
All of this information can be collected by criminals and used to hijack your Telstra account, commit fraudulent credit card transactions and potentially steal your identity.
The scam email is especially dangerous because it looks almost identical to Telstra’s genuine bill emails.
And this is just the latest in a series of phishing attacks that have targeted Telstra customers in recent years. Some versions claim that Telstra owes you a refund and urge you to click a link to claim your money. Others claim that a payment has been unsuccessful or that there is a problem with your account that you need to rectify.
If you receive an email that looks like it’s from Telstra, make sure that it includes your correct account number and addresses you by name. Scam emails will use made-up account numbers and either omit the greeting or use generic greetings such as “Dear customer”.
And, ensure that links in the emails open the genuine Telstra website and not a fraudulent copy.
It is always safest to login to your Telstra account by entering the address into your browser’s address bar or via an official Telstra app rather than by clicking a link.
The Telstra help files include information about recognising and reporting such scam attempts.
Note that fake Telstra bill emails have also been used to distribute malware.