SCAM ALERT: Fake emails targeting Telstra customers warn police
NSW police has warned about a convincing new email scam targeting Telstra customers.
The sophisticated email prompts you to click on a link and download software to your computer, which is malicious and allows the scammer to control or access your device.
First reported by cyber security company MailGuard, a warning about the phishing attack was posted to the NSW police Facebook page on Tuesday.
The email is very convincing and at first glance looks like a legitimate bill from the telco. However, it encourages you to click on a link and download a zip file, which should be an immediate red flag.
Telstra will never ask you to download a zip file and in fact, Telstra’s support page points out, hoax e-mails may “contain an unexpected zip file or other attachment.”
However, the scams are becoming more sophisticated and the criminals behind this particular scam have even obtained a URL to make their email look more convincing.
But like most scams, the devil is in the detail and the fake Telstra email is sent from a telstraq.com address which was registered on Sunday November 19 in China.
A quick look and you may miss the extra “q” at the end of the URL or believe it’s a legitimate branch of Telstra’s billing department.
But once you’re promoted to download a file, think twice.
“It’s a good rule of thumb to never click on email attachments that are hidden in .zip files or have .exe or. js file names,” MailGuard said.