There’s a new, very well-constructed scam email making the rounds – this time it’s a Telstra look-alike bill.

The well-formatted email will look familiar to existing Telstra customers and asks users to click through to an attached bill, although there is no attachment: only a link is provided.

The fake Telstra bill. Source: MailGuard.

The link redirects through Tumblr to a fake Telstra login page.

Telstra phishing website login page. Source: MailGuard.

Once logged in, recipients are directed through to a payment page.

Telstra scam payment page. Source: MailGuard.

The cyber criminals can then view and save user and payment credentials for further illegal activity.

All fake bills reported have shown the same account number.
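
The warning signs described above (a bill said to be attached when only a link is present, a link that goes through Tumblr, and the same account number on every fake) can be turned into a simple mail check. This is an added example, not code from MailGuard or from this article; the trusted domains, the account-number placeholder and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlparse

# Assumptions for this example: the domains treated as legitimate, and a
# placeholder standing in for the account number repeated across the fakes.
TRUSTED = ("telstra.com", "telstra.com.au")
REPORTED_ACCOUNT = "ACCOUNT-NUMBER-PLACEHOLDER"
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def host_in(host, domains):
    """True if host equals, or is a subdomain of, one of the domains."""
    return any(host == d or host.endswith("." + d) for d in domains)

def check_bill_email(raw):
    """Return the warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    text = part.get_content() if part else ""
    hosts = {(urlparse(u).hostname or "").lower() for u in URL_RE.findall(text)}
    findings = []
    if re.search(r"\battach", text, re.I) and not list(msg.iter_attachments()):
        findings.append("mentions an attached bill but carries no attachment")
    if any(host_in(h, ("tumblr.com",)) for h in hosts):
        findings.append("link goes through tumblr.com")
    if any(h and not host_in(h, TRUSTED) for h in hosts):
        findings.append("link host is not a trusted billing domain")
    if REPORTED_ACCOUNT in text:
        findings.append("account number matches the one on reported fakes")
    return findings

# Constructed sample messages (not real mail); example.net and
# example.tumblr.com are made-up hosts.
FAKE = (
    "From: Telstra <billing@example.net>\n"
    "Subject: Your Telstra bill\n\n"
    "Your bill for account ACCOUNT-NUMBER-PLACEHOLDER is attached.\n"
    "View it here: http://example.tumblr.com/bill\n"
)
CLEAN = (
    "From: Telstra <billing@example.net>\n"
    "Subject: Your Telstra bill\n\n"
    "Your bill is ready: https://www.telstra.com.au/\n"
)

if __name__ == "__main__":
    for name, raw in (("FAKE", FAKE), ("CLEAN", CLEAN)):
        print(name, check_bill_email(raw))
```

A check like this only catches the traits reported for this campaign, so it complements user awareness rather than replacing it.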

Scams aren’t new and they’re not really about technology

Scams have, of course, been around for thousands of years and don’t actually exploit technological vulnerabilities – rather, they exploit human ones.

The prospect of romance or of winning money is highly desirable for many people, so scams that exploit people in these states are pretty much expected. Sometimes the ploy is to write the scam in poor English, and sometimes, as in the case of the Telstra scam in this article, the tactic is to make it look so real that everyone will fall for it.

How to not fall for online scams

It’s pretty simple: slow down before you click on links!

If in doubt, chat to someone nearby or call your IT professional… or call us! Whilst there are some technological safeguards you could employ, none will give you 100% coverage. It’s just not possible if you want to communicate in the world today. User education, in conjunction with a suitable cybersecurity strategy, is critical to the safety of your business.