‘Declined’: 18.8 million Telstra customers ‘at risk’
Customers of Telstra have been warned against an email urging them to update their payment information that is actually designed to steal banking and personal details.
MailGuard has said Telstra’s 18.8 million customers are at risk from the phishing scam, which tells recipients that their “last payment was declined”.
Also read:
‘Missed call’ text secretly infects Aussie phones, Telstra warns
16 million Australians targeted by fake CBA ‘security alert’
“Our payment system has detected an invalid billing associated with your account,” the email reads.
“Your service now is scheduled for automatic termination. Please update your payment information today to avoid service interruption.”
But Aussies shouldn’t fall for it – exploiting Telstra’s recognisable logo, the email is designed to seem urgent to trick unsuspecting recipients into submitting their personal information.
Clicking the blue ‘Check Information’ button will take them to a fake sign in page that requests Telstra customers’ IDs and passwords.
After keying in their details, the subsequent page asks for credit card details, and upon confirming they are asked for SMS verification and then directed to the real Telstra homepage.
But the phishing attempt is just designed to harvest users’ credit card details and passwords.
“[This] may then be used in subsequent criminal activity such as for fraudulent payments or sold on the dark web to other cybercriminal groups,” email security software platform MailGuard warned in an online alert.
“The phishing pages share a likeness to legitimate Telstra pages, which means that there is a likelihood that vulnerable customers may fall prey to the scam.”
Telstra spoofed: How to tell it’s a scam
The email contains plenty of red flags that the email is a fake.
For one thing, the email does not address the sender by name and simply states “Dear Customer”.
The email also uses odd grammar in some places and does not have capital letters in the right places.
The sender also isn’t from a legitimate Telstra domain.
“If you get a suspicious email, don't reply to the email or open the links. If you accidentally click on a link which opens a website, don't enter any information onto the website,” Telstra states on its webpage about scams.
Aussies can report scams to Scamwatch.
WATCH BELOW: 4 Tips for Spotting and Avoiding Common Scams
Australians are losing $11,000 in the average scam
Australians have reported more than $211 million lost to scammers this year, with the real figure likely to be higher.
Authorities have voiced their concerns about the increasing sophistication of scams and the rising sums being lost to anonymous cyber criminals.
“It’s very concerning to see these scams evolving and becoming more sophisticated to steal even more money from unsuspecting people,” said ACCC deputy chair Delia Rickard.
“While the proportion of reports involving a financial loss has dropped this year, the people who do lose money are losing bigger amounts. The average loss so far this year is about $11,000 compared to $7,000 for the same period in 2020.”
TAKE THE QUIZ: Are you smarter than this common scam?
Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to the free Fully Briefed daily newsletter.