IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
MailGuard warns of new scam targeting Telstra customers
Wed, 25th May 2022
FYI, this story is more than a year old

Telstra customers in Australia are being warned of a new scam involving "Unsuccessful Payment" messages.

According to MailGuard, the scam targets Telstra customers by using phishing techniques to steal sensitive credit card details.

The email subject line warns users that "Your AutoPay payment Was unsuccessful !", and while the sender name shows 'Telstra.com.au', MailGuard says the email is actually fraudulent, coming from ‘Telstra.com.au@ovh.us'.

They say that the email itself may look similar to one expected to come from Telstra, but once customers begin reading the text, there are key factors that point to it being a phishing scam.

All of the emails that MailGuard say they have blocked begin with "Dear [-emailuser-]".Telstra, as with most businesses, is known to personalise emails by using the customer's first name.

The email continues to explain that the payment for a customer's last owing bill was unsuccessful and that in order to fix this, they need to update their credit card details by clicking the button that says, "Open My Telstra >".

MailGuard says the majority of the text will seem legible, but customers should notice a number of grammatical errors that will also alert them to the fact that it is a scam email.

When users click on the button, they are taken to a phishing page. While the page itself looks similar to Telstra's website, the URL shows that users are actually visiting the website of a compromised foreign bio-medical company.

The user is then asked to enter their credit card details, including name, card number, expiry, and CCV, and then directed to click the button to 'Confirm'.

Once the credit card details have been entered, the user is taken to a One Time Password (OTP) page, asking for a code supposedly sent to the user's mobile. MailGuard says cybercriminals often use this tactic to fake authenticity, although by this point, the credit card details have already been harvested.

In light of this new scam, MailGuard recommends that all recipients of this email delete it immediately without clicking on any links. They also advise reporting this scam to Telstra, while also being aware of similar scams for other companies and reporting them to the appropriate channels.

MailGuard says large companies are often targeted due to their trusted name, large customer base, and the crucial nature of their services. They say they will continue to monitor for similar scams and provide their protection services to customers.