Massive botnet chews through 20,000 WordPress sites
ALERT – Netflix Account Suspended e-mail
Show all

ALERT – Telstra Brandjacked, Watch out for the e-mails



Telstra customers are advised to be on their guard, as a new phishing email scam purporting to be from the company is currently hitting inboxes.

MailGuard intercepted the fraudulent emails today afternoon (AEST). Masquerading as ‘new bill’ notifications, the emails use the display name ‘Telstra’ and were sent from a large number of compromised email accounts. All sending addresses as well as links within the email are all part of the same collection of compromised domains.

The body of the email is relatively simple and uses plain text to advise recipients that their latest Telstra bill is now ready to be viewed. A link for "View Bill" is provided in the email.

Here is a screenshot of the email:

Telstra Scam


Unsuspecting recipients who click on the link to view their bill are led to a blank webpage that serves up a malicious file download.

While this scam isn’t as sophisticated in design as others that MailGuard has seen, cybercriminals do use several elements within the email body to convince recipients that it is a legitimate notification from Telstra. A key feature is the inclusion of the sentence ‘Please note: Telstra will never ask you to provide credit card, or banking details via email."

This disclaimer, along with the included link to the telecommunication company’s phishing advisory page, boosts the credibility of the email as it is a common feature that recipients are used to seeing in legitimate notifications from Telstra.

Telstra, by its large database and established brand credibility, is an ideal company to spoof by cybercriminals as it widens their victim pool.

Tell-tale signs of phishing scams

  • A sense of urgency
  • Bad grammar or misuse of punctuation and poor-quality or distorted graphics
  • An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
  • Obscure sending addresses (for example, Hotmail, gmail, Yahoo addresses should set alarms bells ringing)

Don’t get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff.  Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we’re all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.