A sophisticated phishing email purporting to be from Telstra has been identified by MailGuard.
"It's just mind-blowingly awesome," said MailGuard CEO Craig McDonald, "in terms of representing the brand, or misrepresenting it."
The email, which convincingly mimics the branding of the telco, informs the recipient that their bill has been paid twice by mistake. To receive their ‘charge back’ people are ‘requested to visit your account immediately and complete the claim’.
It is signed by ‘Telstra executive Gerd Schenkel, Executive Director, Digital Sales and Service’.
The 'Log in to My Account' box directs to a landing page which harvests Telstra account log in and bank details. It is near-identical to the legitimate Telstra 'My Account' page.
McDonald said there had only been a "small run" of the email but it could be a test ahead of a larger attack.
"Cyber criminals are really good marketers," he said. "Their craft is improving every single email. Like marketing - you write a couple of variations of copy, you send a few; you see what kind of responses you get back.
"The criminals are very well organised, they're well-funded, they make a lot of money from doing this behaviour. They're crafting as best they can."
One difference between Telstra's genuine account login page and the fake was a video encouraging customers to switch to an email bill and ditch paper bills.
Telstra has not alerted customers to the scam but did refer CIO Australia to their standard tips on spotting phishing emails and the Australian Competition and Consumer Competition (ACCC) Scamwatch website.
A spokesperson said: “These emails look very authentic, often including company logos and slogans, to trick you into opening them and disclosing your personal details, including your name, address and personal banking details.
“If a Telstra customer receives a phishing email we advise them not to click on the links or the attachment and delete the email from their account."
McDonald said large corporations should be doing more to educate customers about phishing scams.
"That's all great to say but when you're flat out busy and you’ve got 500 things going at home or at work, and the emails themselves are so compelling you want to get onto it because you're so busy," he said. “They're pretty good even when you stop and pause.
"Anyone's who has got a major brand that's built up trust over time; it's in their interests to educate in a wider sense."
MailGuard said it first identified the email yesterday and was the only vendor to detect it so far.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.