A new wave of phishing scams target Telstra

Filed Under: Data loss, Phishing, Privacy, SophosLabs, Spam

In the last few days, SophosLabs witnessed a new wave of phishing spam campaigns targeting Telstra, the largest phone and internet service provider in Australia. Telstra supports more than 18 million customers for both fixed line and mobile phones.

Telstra phishing email

This makes it a worthy target for phishing attacks. This wave of scams includes two kinds of phishing messages: one uses the Telstra brand, while the other takes advantage of BigPond, which is a subsidiary of Telstra.

BigPond phishing email

Telstra phishing websiteThese two different phishing messages contain a link redirecting the recipient to similar fraudulent Telstra login pages. The pages attempt to steal customers' confidential information such as username, password, address and credit card details.

Like most phishing pages, they look very believable to the average user. Considering that companies are moving every service they can to the internet to reduce labour costs, this is to be expected, right?

Fake Telstra login page

During the last few years the targets for phishing attacks have changed. In 2007, financial service companies were the most targeted industry, at about 95% of all attacks.

In 2010, phishes targetted financial service companies dropped to just under 38%. Phishers not only target financial service providers, but payments services, auction websites, ISPs, governments, social networks and more.

2007 and 2010 phishing targets from Anti-Phishing Working Group

Since all of these industry sectors request and store sensitive information, it makes them a target for scammers attempting to victimize their customers.

In the future I am sure we will see even more diversified phishing attempts. These charts are courtesy of the Anti-Phishing Working Group.

, ,

You might like

3 Responses to A new wave of phishing scams target Telstra

  1. Rosie · 1690 days ago

    I use Spoofstick, it shows what web site you are on each time you change sites. One of the best free tools out there. http://www.corestreet.com/spoofstick

    • BeryleM · 1398 days ago

      I tried to go to the link you suggested, Rosie, but was taken to an error (Page Not Found) so I ended up doing a key search and came up with the site spoofstick.com.

  2. Basil Bean · 1365 days ago

    We got the same message several times over the Christmas /New Year period at our local RSL Sub branch- you've got to give them points for their tenacity!
    The ANZ also bobbed up a couple of times.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s