WARNING: The scam that's targeting thousands of Aussies
YOU want to give me $200? Sounds too good to be true.
That's the first thought that crossed my mind when an email from 'Telstra' landed in my in-box this week.
Considering telcos are usually chasing people for money rather than giving it away, my second thought was 'this has to be a scam'.
LISTEN AS A CQ WOMAN FALLS VICTIM TO A RECENT SCAM
The email, from email@example.com stated my monthly billing balance had been paid twice and I was owed $202.42.
It even included the forged signature of Telstra CEO Gerd Schenkel. Sounds pretty convincing right? And hey, who wouldn't want a $200 refund.
Luckily for me, alarm bells started ringing when I noticed a few tell-tale signs of a scam and I soon discovered the email is one of the latest scams doing the rounds in Queensland.
Dear Valued Customer,
After reviewing our payment server we found the following error, your monthly billing balance was paid twice (202.42 * 2) an amount of 404.84 AUD.
In order to get refunded please visit your account immediately and complete the form.
Then we will refund you the second charge of 202.42 AUD directly to your bank account.
Click the button below to start your refund process.
So how did I know it was a scam?
Well, other than the fact that I would notice if $200 was missing from my account, a few details of the email triggered my 'scam radar'.
1. Stretched and distorted header.
The header of the email, which features the Crowd Support, Facebook and Telstra logo is stretched and distorted - a legitimate Telstra email would not look like this.
2. Email address
The firstname.lastname@example.org address itself just doesn't look right and a quick search through my previous emails from Telstra proved this was an address I'd never seen before.
3. Account number
A cross reference of the account number listed on the email with my actual account number proved it was not correct.
4. Due Date
Most of us know when our bills are due and the date listed is certainly not a date I paid my bill on. Make sure you cross reference this as well.
5. Login Button
Before clicking on the 'Login to your account' button, hover over it and check which web address shows up.
In this case, the web address is 'fusearch.com - shouldn't it be something along the lines of telstra.com.au?
So what can I do now?
1. Do not click on any links in the email or the 'click here to login' button. Doing can lead you to malicious sites and allow malicious content to affect your computer.
2. Change your password on the off-chance a scammer has been able to breach security barrier and gain access to your private information.
3. If you suspect that you may have fallen victim, contact your bank or financial institution, your credit card company, the Australian Competition and Consumer Commission (ACCC) and the police.
4. Report the scam to police and to the ACCC by clicking here.