CrowdSupport Wiki

Broadband & nbn™

cancel

Active Scams

At Telstra, we are aware of the many suspicious emails, phone calls and SMS messages that our customers may receive. Our Cyber Security department, in conjunction with colleagues throughout Telstra, closely monitors these scams and works hard to minimise their impact to our customers.

 

To report a scam to Telstra, click here.

 

You can also report a scam you have received to the Australian Cybercrime Online Reporting Network.

 

This page has been developed as a handy way to stay informed of some of the more recent scams we've been made aware of.

 

Do keep in mind, however, that cyber criminals are constantly making changes to their deceptions, so if you don't see something mentioned below, stay vigilant and refer to www.telstra.com/scams for more general information on scams, as well as information on how to report them to us.

Find out what to do if you've been the victim of a cybercrime.

Recent Email Based Scams:

  • Unsuccessful Direct Debit scam
    Phishing email claiming that a payment failure by a financial institution requires a new credit or debit card to be provided. Email contains link to malicious websites.
  • Your Telstra Business Email Bill scam
    Phishing email which may reference account 682 5133 510 and bill number P 225 797 291-7. Contains a malicious link. Subject may contain “Your Telstra Business Email Bill”.
  • 5G Webmail email scam
    Email with a subject similar to “The New 5G Telstra Webmail is here!!!” asking you to open a malicious attachment and access webmail by “activating the new template attached below.” May also contain a threat that your email will no longer be supported in the near future.
  • “Admin Notice” email scam
    Email claiming to be from “BigPond Admin Support Team” claiming your account “was use for illegal activities.” The email asks for your name, username, and password. Telstra should never ask you for your password.
  • Fraudulent “We’re having trouble verifying your Bigpond account” email
    Email claiming that “to help prevent account malfucntions” you must access a portal and verify your account. A malicious link may be presented which reads: VERIFY <your email address>. The message may be signed Bigpond Corpration Head Office, One-Microsoft Way Redmond.
  • Fake “Unified Terms of Service” agreement notification
    Email claiming to contain “New Unified Terms of Service & Privacy Police(s)” [sic]. Asks recipient to visit malicious website and sign in to confirm their account. May be signed “Bigpond Member Service Team” or “Bigpond Communications.”
  • Fake Telstra bill for account “2000XXXX2780” due in “Fev”
    Email claims a Telstra bill is due (typically for a small amount, such as less than $10) in the month of “Fev.” Email greeting may be “Hi ,” (with extra space). Contains a link to malicious website.
  • Fake “Overpayment” or “Refund Bill” notification
    Email claims that an overpayment of 393.23 * 2 (638.46) was made, and that the recipient of the email is due a refund. The amounts may vary, but will typically contain an amount and a multiplier (* 2). Email may be signed by a “Gerd Schenkel”. Contains a link to malicious website.
  • Fake “Unsuccessful Direct Debit Payment” notification
    Email claims that there was a failure from your “financial institution” for a direct debit payment. Contains a link to a malicious website.
  • Fake Telstra “Bonus” Give-away notification
    Email claiming bonus of $155.18 eligibility. PDF attachment with link to bit.ly website. This may re-direct to a number of malicious websites.
  • Fake 2019 Telstra Survey
    Email claiming “We are inviting people on our email list to an exclusive 2019 Telstra Survey!” or “You've been selected to participate in our survey about your experiences with telstra…” or similar.   
  • Fake Bill Arrival Notification
    Email claiming “The latest Telstra bill are now ready to be viewed.” Contains a link to a website such as hXXp ://onlinebill.<something>[.]com/corporatebill/<series of numbers and letters>. 
  • $300/$500 gift card or Bundle scam (possible Citibank Visa reference)
    Email claims that recipient can receive a “Telstra gift card reward” by providing their “unique claim (or redeem) code” and shipping address into a website.  The dollar value of this scam can vary. Some versions of the scam also offer the $500 as a Citibank Visa Card and other versions reference a “Telstra Bundle Refund”.
  • Fake Rejected Email
    An email from "Telstra_Notifications" claiming “Your email account incoming messages server failed and rejected new messages.” A malicious link to “Recover Rejected Messages” is also provided. The email may be signed by “Fiona Hayes”.
  • Fake DocuSign document from “Bradley McInnes”
    Email that claims to be from a Telstra Business Centre employee named Bradley McInnes and asks the user to download and review a DocuSign document. This is a malicious document and should not be retrieved.
  • Business Email Compromise scams
    We have recently noticed a large increase in what’s referred to as a Business Email Compromise scam - also known as CEO Wire Fraud. These emails claim to be from senior people in a company and ask for money to be transferred urgently, or, to pay an urgent invoice. Telstra advises all customers to verify bank and payment information in invoices carefully and repeatedly, and to not accept requests for payment submitted via email without speaking to trusted individuals to confirm the request first.
  • Warning about “old Telstra Mail security settings”
    Email claims that “You are still using the old Telstra Mail security settings” and asks for you to click on a link to update your settings. The link may point to https://forms.office.com - a malicious form is presented which asks for your personal information.

Please note that we have removed some specific details related to these scams.

  

Recent Telephone Based Scams:

 

  • Automated call from “Nicole” from the “NBN” urging immediate action regarding NBN availability and Internet access.

  • Scam call claiming to be the NBN security department and asking you to download a “NBN Rescue Link” - this is a remote access tool which can be used to compromise your computer and sensitive information.

  • Automated call stating “This is an emergency. Press 1 on your telephone now and follow all instructions” or similar.

  • Caller claims to be from the NBN and threatening disconnection from the Internet within 24-48 hours.

  • Caller offers a rebate of $300 (amount may vary) for people over a certain age. Caller will offer to put the amount on a credit card and asks for a card number to apply it to. 

  • Automated calls claiming to be from Telstra and threatening disconnection from the Internet due to suspicious activity seen on your line, or, hacking activity seen on your line.

  • Automated calls threatening legal action, including arrest, if the call is not returned immediately. These calls are usually from a computerised voice, and they regularly leave voicemail with their threats.

  • Calls claiming to be from the ATO and threatening legal action and/or arrest if action is not taken immediately. As above, these threats are in a computerised voice, and they will leave messages on voicemail.

  • Scams which appear to come from phone numbers starting with “09” or “05” and make threats about Internet access.

  • Scam call from a company claiming to represent Telstra for job recruitment, and asking for a $250 fee for a “police check”.

  • Calls which appear to come from overseas locations such as Latvia or other unexpected foreign locations.

 

Remember, no legitimate organisation in Australia will accept iTunes, Netflix, Steam, Google Play, or other gift cards as a way to pay for a bill - if a caller ever asks for you to obtain these to pay a debt, it’s definitely a scam!

  

Recent Mobile/SMS Based Scams:

  • SMS claiming that “Christina Morrow has shared an album with you” with a link to a malicious website (which may mention Facebook in the URL).

  • SMS from an unknown number making a claim such as “Call back right away, I need urgent help”.

  • “Urgent” messages that claim to be from an Australian bank and ask you to click on a link that is not a legitimate Australian Bank web site. Many of these end with suspicious Internet domains such as .mobi

  • Facebook Messenger contacts that ask for an email address which can be used as “a recovery option.” The scammers may then ask for passwords or Apple ID information.

  • <firstname> <surname>, your network operator Telstra left you a message, read it here: hxxps://g**.m*/“

 

Please note that we have removed some specific details related to these scams.


Important to note 

The scams listed on this page are not a complete list of all possible scams that are currently taking place. We will be regularly updating these lists as we become aware of new scams, new trends, and new things for you to be aware of to stay safe online.

Version history
Revision #:
40 of 40
Last update:
2 weeks ago
Updated by:
 

Was this helpful?

  • Yes it was, thank you
  • No, I still need help