More than 22,000 customers have recieved the fake emails this week.  The emails are very similar to legitimate telstra email bills.  The email claims that the customers have been paid twice, and can redeem a refund.  Customers are then asked to log into “My Account” – which takes the customer to a fake site where their details can be stolen.

In a message on the company website, Telstra’s National Security Advisor Rachael Falk urged customers not to respond to these scams, saying :  “These emails can look very authentic, often including logos and slogans to trick you into opening them, they often contain a link or an attachment which is designed to entice you into clicking on it.  If a Telstra customer receives either of these phishing emails we advise them not to click on the links or attachments and immediately delete the email from their email account.”

The fake emails are missing a “$” sign to describe the fictitious amount of money “owed”.  The refund amount is shown in a bracket.Another fake email also incorrectly addresses recipients with, “Hi, dear customer.”
Falk said phishing emails often include links and attachments that have malware, and are designed to trick customers into giving personal details.

The Australian Competition and Consumer Commission asks the community to think twice and not send any money or personal details to strangers.  So far this year $45 million was reported lost to scams and more than 45,000 complaints have been made.