Leading managed IT service providers identify the latest scam from the arsenal of scammers, this time tagging Telstra, one of Australia’s telecommunications and media company.
The large scale phishing attack is well executed, containing the usual interface from the telecommunications company. The HTML design is so similar to the ones typically sent out by the company that some customers were easily duped. It was eerily alike to the original, even to the minutest detail.
Yet as you know, there is still some kind of a tell that this is a phishing attack. The criminals purchased the domain telstraq.com, which was purchased in China on 19 November. If the recipients of the emails were not looking closely, then they wouldn’t have noticed the extra letter in the URL.
The false URL, with the sender display name of “Telstra”, are notable in the sense that they lend the letter a guise of authenticity.
This is not the first time that Telstra has been targeted by cyber criminals before. The brand therefore advises its clients to be vigilant when checking their bills and not to automatically click anything in their emails. Other reminders from the brand are as follows:
- Make sure that the email is customised to reflect your name, and is not addressed generally as “Dear Customer”, “Dear User”, or something similar.
- A legitimate email from Telstra or any reputable company will contain proper grammar. If the email is badly written or laden with spelling mistakes, then it is probably a scam.
- Hover over links or buttons before you actually click them. If you do this, you will see the address to which the links are redirecting you. If the URL looks suspicious, then don’t click it!
- The sender address is similar to a company’s real address, such as the case with this scam. If there are excess letters or typos in the sender address, then this is probably a fake email.
- If an email asks you to download a zip file or any attachment when normally you wouldn’t be asked to do so.
Phishing attacks have been growing in strength and in numbers in recent months. It’s about time that you upgrade your cyber security.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditations from the world’s leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.
IntelliTeK are always up to date with the latest cloud backup solutions which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at email@example.com, fill out the web form, or have a Live Chat with us below.