Scam artists are attempting to cheat Telstra clients using realistic-looking billing emails to con customers.
Telstra customers are being warned of an email scam using fake bill notifications to trick people into clicking malicious links.
The scammers are sending an email invoice to customers and, when clients attempt to click the link to view their bill, are redirected to a phishing site which steals their credit card details.
Other customers have reported receiving emails which prompt them to log in to their Telstra account on a website which appears to be the legitimate page of the telco, only to then have their details harvested by the scammers.
The Australian Competition and Consumer Commission’s (ACCC) Scam Watch said people should not open attachments in unexpected emails or click on the links.
The scam is the latest example of brandjacking in Australia – a commonly used con which uses the branding of established companies to prey on unsuspecting customers.
In April, the ACCC recorded 5000 reports of fake billing scams in the past 12 months alone, with some customers losing almost $8,000 each.
Telstra’s Cyber Influence Manager Blair Adamson said the scam is concerning, and customers must be vigilant.
“If you encounter something unsolicited, unexpected, or… anything that asks for personal or financial information, double and then triple check it by asking others, calling up the organisation on its official number, or searching online for any background information,” Mr Adamson said.
“Our team of cybersecurity experts will continue to help stop these scam emails before they get to you where possible.”
Customers are advised to double-check the URL of the Telstra website to ensure it is not a fake page.
One fake page is ‘telstrabroadband.com’. According to online security provide Mailguard, the domain was created just days ago and was registered in China.
The ACCC said seniors are most at risk of falling victim to these cons and said anyone who is concerned about a suspicious bill should report it to the appropriate government agency or contact Scam Watch for guidance.