At Telstra, we are aware of the many suspicious emails, phone calls and SMS messages that our customers may receive. Our Cyber Security department, in conjunction with colleagues throughout Telstra, closely monitors these scams and work hard to minimise their impact to our customers.
This page has been developed as a convenient way to stay informed of some of the more recent scams we've been made aware of.
Do keep in mind, however, that cyber criminals are constantly making changes to their deceptions. So if you don't see something mentioned below, stay vigilant and refer to www.telstra.com/scams for more general information on scams, as well as information on how to report them to us.
When visiting certain websites, a pop-up may appear notifying you of a prize of a new mobile phone or tablet, asking only that you fill out a survey, or, pay a small amount for shipping. These are scams and not legitimate offers from Telstra. Note that this scam may also be delivered via email, or SMS. Telstra recommends using a reputable “ad blocker” for your web browser to minimise the impact of these scams.
Recent Email Based Scams:
“Telstra Mail *New Terms*” email scam
A scam email which claims your email will be suspended until you click on a malicious link to “accept” the new terms of service. This email may be signed by “Telstra Member Services”.
“Automatic Bill Pay declined: Telstra Broadband” email scam
This email claims that there was a problem with a payment card and asks the recipient to visit a malicious Google Docs web page which is designed to obtain sensitive personal information. The email may be signed by the “Chief operating officer”.
“Action requried!” [sic] email scam
Email scam which claims we were “unable to process your last payment of bill” - the word “required” is also misspelled at the start of the email, in addition to other grammatical errors.
Payment of last bill “N:2000088018674” was unsuccessful scam
This email may claim to be from the Telstra Credit Management team and threaten a suspension or restriction of your service due to non payment of an account. The “N:” number may also vary.
Invoice “INT 1-[long number]” and “code 004” or “code 044” scam
An email scam that claims a credit card payment was not successful. It may include a reference to “code 004” or “044” and possibly a number like 1-22341284291 or 1-2234129558471 as an invoice reference number. A link to a malicious website is also included. Note that the “INT 1-“ number may change, but the message is still a scam.
Email extortion scam
An email which appears to be “From” the same address that it is “To” and attempts to extort the reader into paying a ransom in Bitcoin to prevent the release of sensitive information. This is a scam and Telstra does not recommend paying the ransom. For Bigpond/Telstra accounts, you can always ensure you have a strong and unique password by managing it at https://www.my.telstra.com.au
“Unsuccessful Direct Debit scam
Phishing email claiming that a payment failure by a financial institution requires a new credit or debit card to be provided. Email contains link to malicious websites. May also ask you to “Update Your Payment Method”.
Fake “Overpayment” or “Refund Bill” notification
Email claims that an overpayment of 393.23 * 2 (638.46) was made, and that the recipient of the email is due a refund. The amounts may vary, but will typically contain an amount and a multiplier (* 2). Email may be signed by a “Gerd Schenkel”. Contains a link to malicious website.
Business Email Compromise scams
We have recently noticed an increase in what’s referred to as a Business Email Compromise scam. These emails claim to be from senior people in a company and ask for money to be transferred urgently, or, to pay an urgent invoice. In some cases they may request the purchase of electronic Gift Cards (such as iTunes, Netflix, Steam, or Google Play cards). Other versions of this scam include unexpected invoices with fraudulent “new banking details” being provided. In some cases, criminals may also attempt to impersonate employees and ask for payroll departments to re-direct salary to bank accounts controlled by criminals. Telstra advices all customers to verify bank and payment information in invoices carefully and repeatedly, and to not accept requests for payment submitted via email without speaking to trusted individuals to confirm the request first.
Please note that we have removed some specific details related to these scams.
Recent Telephone Based Scams:
A telephone call claiming to be from Telstra to validate the purchase of a new telephone. The callers may claim that that if you do not provide personal information that you will be charged for the device. They may also attempt to send you a One Time Code via SMS or email. These calls are not legitimate and are designed to gain access to your personal information or Telstra account. We advise you hang up on any such caller immediately.
“Telstra and NBN are merging” scam call that also claims a new 5G modem is required. The scam caller may ask for an up-front shipping fee to be paid, or, request to access and control your computer.
Scam call claiming that due to “excessive use of the Internet” a fee of $89 (amount varies) is being charged. This call is automated and may request that you “stay on the line to speak to customer service”.
Automated call from “Nicole” or “Megan” from the “NBN” urging immediate action regarding NBN availability and Internet access. Note that the name of the caller may change, and sometimes the automated voice may claim to be from Telstra.
Calls claiming to be from the ATO and threatening legal action and/or arrest if action is not taken immediately. As above, these threats are in a computerised voice, and they will leave messages on voicemail.
Automated call from “Homeland Security” or a similar government-sounding name which may threaten arrest if you do not “press 1” to talk to a representative. These messages are scams and we recommend immediately hanging up.
“There is a problem with your IP address” scams. These scams are not new, and have been around for many years. The caller will state that there is a problem with your computer, or, more specifically, your IP address, perhaps even claiming that many people are using it from overseas. The goal of the scam is to obtain remote access and control of your computer.
A phone call from a criminal pretending to be Telstra and asking for a SMS delivered PIN code in order to “upgrade” your Telstra service, or offer some sort of a discount (often claiming 30%). Telstra should never contact you in this manner and ask for the One Time PIN. Never reveal one-time codes unless you initiated the call or transaction (such as with online banking).
Some versions of the “upgrade” scam above are also offering to upgrade your service to 5G for a one time $4.99 fee, as well as the SMS One Time PIN. Never reveal one-time codes unless you initiated the call or transaction (such as with online banking).
A scam call where the caller claims to be from the NBN and threatening disconnection from the Internet within 24-48 hours. Sometimes this call may be automated and ask you to press 1 or 2 to talk to a representative. These calls and calls like them are fraudulent and you should immediately hang up.
Automated calls claiming to be from Telstra and threatening disconnection from the Internet due to suspicious activity seen on your line, or, hacking activity seen on your line. Sometimes the caller will try to enlist your support to “catch a hacker.”
Automated calls threatening legal action, including arrest, if the call is not returned immediately. These calls are usually from a computerised voice, and they regularly leave voicemail with their threats.
Unexpected calls which appear to come from overseas locations such as Africa, Europe, or other foreign locations. The goal of these calls is to trick you into calling back an unfamiliar number. These calls may incur higher rate charges as a result. You should avoid returning calls, especially overseas calls, when the number is unknown to you.
Remember, no legitimate organisation in Australia will accept iTunes, Netflix, Steam, Google Play, or other gift cards as a way to pay for a bill - if a caller ever asks for you to obtain these to pay a debt, it’s definitely a scam!
Recent Mobile/SMS Based Scams:
“You paid” invoice SMS scam
This SMS appears to be a confirmation of a payment to Amazon (or AMZ, or some other company) for several thousand dollars. The SMS will typically include a phone number (sometimes a 1800 number) which it offers for disputing the charge. This is a scam, and calling the number will result in criminals trying to trick you into providing your credit card information for a fake refund.
“I meant to get this to you earlier” SMS scam.
This scam is highly randomised for the content, but frequently will look like “Hello <name>. I meant to send you this earlier: <malicious link>” The names are chosen randomly. The greeting may also be an apology, like “Sorry Jayne”. The link is unique for each recipient. Do not click on the link because that may confirm your personal contact information to the scammers. The malicious website link points to fake news stories and is designed to generate revenue for the criminals by those who click on the link.
“We have attempted to deliver ur package” SMS scam.
This is a variation of the above scam. The links in the SMS point to websites which may try to convince you to pay a $1.00 “customs fee”. The scammers will likely charge your credit card much more instead.
“We got your registration” SMS scam.
An SMS that may read similar to “Hello, we got your registration, Thank you for your order starting 1K every day from today! The next step is here:” and will contain a malicious website link.
“Jassica” or “Christina Morrow” SMS scam.
SMS claiming that “Jessica”, “Jassica”, or “Christina Morrow” “has shared an album with you” with a link to a malicious website (which may mention Facebook or Instagram in the URL). The website targets Android users and asks you to download and install a malicious APK (Android Package).
“Important” or “Urgent” messages from an Australian bank.
“Urgent” messages that claim to be from an Australian bank and ask you to click on a link that is not a legitimate Australian Bank web site. Many of these end with suspicious Internet domains such as .mobi, .biz, or other locations which are not authentic.
Website & General Internet Scams:
Be wary of websites which claim to offer Bigpond or Telstra support services but are not affiliated with Telstra. There are many such sites out there, such as bigpond[.]numberXXXXralia[.]com or bigpondemailXXXp[.]com, aus-emailsuXXXrt[.]com, and none of them are approved by Telstra. Using these services may cost you considerably and put your computers at risk.
Bogus job recruitment scams in which a job may be promised in exchange for personal details, identity documents, and so on. Many of the bogus recruiters may contact you via SMS, What’sApp or through sites such as freelancer.com. Telstra does not make use of these services for these purposes and any offer of employment made through them is not authentic.
Please note that we have removed some specific details related to these scams.
Important to note
The scams listed on this page are not a complete list of all possible scams that are currently taking place. We will be regularly updating these lists as we become aware of new scams, new trends, and new things for you to be aware of to stay safe online.