18m Aussies warned over new Telstra scam
Telstra customers are being targeted in a new phishing scam which could see them lose tens of thousands of dollars.
Telstra customers are being targeted in a new phishing scam which could see their login details compromised.
Late last week, MailGuard issued a warning about Telstra customers receiving a fake refund email claiming they have been “paid twice due to a system error” which is really trying to trick them into giving away their logins and passwords.
Telstra has an estimated 18 million customers who should now “be wary” of the email.
It would be particularly devastating to fall for the scheme because if scammers are able to acquire customer information, they could then steal their phone numbers and reset passwords to bank accounts.
Want to stream your news? Flash lets you stream 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >
Telstra customers should be wary of any emails purporting to be from the telco which claim they’re owed a refund as they have “paid twice due to a system errorâ€. It’s likely a new #phishing#scam which steals account credentials and credit card details.https://t.co/lmeWCUq02r
— MailGuard (@MailGuard) August 29, 2022
The email subject line shows “Reminder: Refund ID: TLS51128499822AUS! Fri, 26 Aug 2022 07:49:01 +0300”.
The scammers use a generic “dear customer” to address customers and the sender appears as “Service Inc.” in the email thread.
The actual email is “return (at) dhl (dot) com”, “although this does not seem to be a genuine DHL source”, according to Mail Guard.
In order to get the amount refunded to their credit card, customers are directed to complete a claim by clicking a button which says, “Refund the amount”.
It then takes them to a website where they have to input their username and passwords, and although the site “heavily uses” Telstra branding, it is not a legitimate Telstra web page.
Once that page is complete, the potential victim is then directed to put in their credit card details, which will also likely be stolen by the fraudsters.
If you receive the email, the best thing you can do is report it to ScamWatch and then delete it without clicking on anything.
Users are warned that if they do fall for the fake refund, they could then become a victim of a SIM swap scam.
A SIM swap scam is where a cyber criminal hijacks a phone number and is able to direct the victim’s password reset to their own device.
An Australian SIM swap victim will on average lose a whopping $28,000 to hackers, according to the Australian Communications and Media Authority (ACMA).
Between 1 January and 30 September last year, there were at least 510 incidents of reported SIM swaps, resulting in 163 cases of financial loss, according to the Australian Communications and Media Authority (ACMA).
These losses amounted to $4.68 million, with the largest single reported loss being $463,782.
News.com.au reported on a Sydney man waking up to find $52,000 stolen from him by SIM hackers, while an Adelaide schoolteacher lost her entire life savings, $43,000, from a similar ordeal.
alex.turner-cohen@news.com.au
TimTam question Coles, Woolies can’t answer
Coles and Woolworths senior executives have dodged questions on why a packet of TimTams is cheaper in the UK than it is in Australia.
Push to axe sneaky fee costing Aussies $4bn
A Sydney MP is pushing for an overhaul of 20-year-old regulations that cost Aussies billions of dollars every year.
Major bank’s huge move on cash
One of Australia’s major banks has cut against the grain in the age of digital wallets and will no longer offer a key service, claiming declining interest.