Go to whole of WA Government search

Telstra fake refund scam

Telstra refund scam

May 2020 
 
A scammer posing as Telstra is sending phishing emails stating a bill has mistakenly been paid twice, meaning the recipient is entitled to a refund. 
 
The email urges you to apply for the refund by clicking through to a fake Telstra log-in page to enter your details.
 
If you receive this email, delete it. Don’t click on the link or enter your log-in details, as it will steal your personal information.
 
Here are the ways you can tell it’s a scam: 
 
  • The email is addressed to ‘Dear Customer’, and not your account name
  • The email address comes from services.refunde@outlook.com – not an official Telstra email address
  • The amount is stated in AUD – bills never usually add the AUD
  • Sign-off at the bottom contains a Google link, rather than a link to Telstra
  • Spelling mistakes

image of scam Telstra bill email

And we have seen Telstra be hit with something like this before. 

Telstra-fake-refund

BigPond Phishing scam (2007)

Back in 2007 phishing emails were a dime a dozen, but we thought this one which purports to come from Australian Internet service provider BigPond was worth a warning.

If scammers are targeting BigPond users they will attempt the same scam using another Internet service provider’s name.

The email is titled “Dear Valued BigPond.net.au user” and states:an example of a bigpond scam email

“We will be conducting a scheduled routine maintenance that may affect email delivery notifications on our transaction network. This issue was raised 2 weeks ago. Please be rest assured that this will not impact transactions adversely.
 
”We would need the following information to enable us (sic) conduct our maintenance effectively. This will enable you (sic) logon to bigpond.net.au direct with webmail.bigpond.net.au and it will also allow you to view your invoice, update your credit card or contact information, change your email addresses or passwords, and more at ...”

It goes on to ask for your name, address, telephone number, fax, location where you access your email, email address and password.

It contains a link to Big Pond’s website which adds authenticity to an email which is not particularly well written. Hover your mouse over the sender’s email address and it actually shows a hotmail email account.

Of course, this unsolicited email is just “phishing” for personal information so it can hack into your inbox. Once there, scammers can wreak havoc by:

  • Scrolling for personal information, such as tax file numbers and online banking details, to steal your identity or fleece your bank account.

  • Hijacking your contact book and send SPAM or emails containing viruses from your email account.

  • Unleashing malicious software into your computer.

Telstra, which owns BigPond, confirmed that the email is a fake. It said BigPond does not ask for this kind of information in a general email to customers.

It advises its users to always be wary of any email asking you for personal information such as passwords.

WA ScamNet couldn’t agree more with that advice!