Telstra has warned customers about a sophisticated phishing scam that is being emailed under the guise of a telecommunications services bill.
The scam, which appeared to have been first reported by Whirlpool users yesterday morning, prompted an official notification from Telstra.
Customers reported that the email promised a PDF file of the bill, but instead attached a zip file that contained an executable.
It also had a fake account number, but carried significant Telstra branding and links that appeared to go to legitimate Telstra URLs.
Several users reported the scam to be "a cut above" the average phishing attack, and a Telstra representative labelled the scam as "sneaky".
To confuse things, the timing of the scam mailout coincided with a legitimate marketing email from Telstra urging customers to switch to electronic billing.
Telstra urged users that received suspicious billing emails to go directly to their My Account page through the Telstra website, and not click on any links in emails they believed may be fake.
It also provided some general advice to customers on how to spot phishing emails.
_(23).jpg&h=140&w=231&c=1&s=0)
_(28).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
