Watch out for scam Telstra email

  • An email banking scam is targeting BigPond customers
  • Cyber theft a real threat to online usage
  • Tips to stay safe online

An old email phishing scam has been doing the rounds again.

Telstra


The email, which professes to be from Telstra BigPond, warns customers that their service may be suspended if they fail to update their billing information. It suggests that the customer may need to do so for a number of reasons, such as changing their billing address, submitting incorrect information, or a failure to update their BigPond profile. The email then proceeds to link to a fake Telstra website where the customer will be prompted to enter their credit card or bank account details.

Once the banking details have been entered, they will be distributed to a wide audience of cyber thieves. It's a clever ploy, with emails sent out to thousands of BigPond customers – even if only a few customers are tricked into believing it's a real email, the thieves can make a huge profit.

Telstra themselves are aware of the hoax. Telstra's Officer of Internet Trust and Safety Darren Kane warned customers: "Telstra and BigPond will never send an email requesting passwords, account verification, credit card details or other personal details by asking you to 'click on a link'. You should only provide this type of information in response to an expected request or one you have initiated."

There are other clues that the email is fraudulent; Kane "urges people to be very suspicious of emails sent by people unknown to them, containing misspelt words or directing them to a link". Another clue might be in the link address itself – one such email linked to a URL that began with "healthygourmet.sg": clearly not a Telstra email. However, there are ways for cyber scammers to disguise the URL and even the webpage itself, making it seem more plausible by including Telstra logos and advertising. Additionally, after finishing entering the billing information, the page redirects to the Telstra BigPond homepage, adding to the facade.

If you think you have responded to a fake email with real information, contact the institution you thought the email was from immediately. You may also want to alert your bank. They will be able to tell you how to proceed.

Here are some tips to avoid online scams:

  1. Never click on a hyperlink contained in an unsolicited email from a bank, Internet Service Provider (ISP), or any other institution that might be targeted by a scammer. Instead type in the real URL of the institution manually.
  2. If you are providing important, private information on a website, make sure the website is secure. It should start with "https://", not just "http://". Remember, though, that even a secured website may be a fraud – be very careful where you enter your details.
  3. Use firewalls, anti-virus, and anti-spyware software to protect your computer, as some scam sites will launch viruses.
  4. Make sure that your browser, system software, and all applications have the latest security updates. Install virus protection software only from reputable sources, not just from a Google search. They should be names you recognise, like McAfee, Norton, etc., and you should purchase the software directly from the brand websites themselves, and not from any resellers.
  5.  If you ever have reason to believe that an email you got was a scam, call the institution sending it immediately to verify. If they tell you it is a scam, delete it from your computer immediately. Even if an email looks legitimate, if it is asking you to enter personal details it is often a good idea to call the institution over the phone and check for sure that they've sent it to you and approve it.

Getting Broadband and staying online is wonderful, but make sure that you stay safe online! Theft – including identity theft – is prevalent, but using your common sense and double checking every time you're required to enter personal details online can make sure that your time online stays enjoyable.