Phishing Email Spoofing Telstra Uses ‘$500 Gift Card Reward’ To Trick Users

By   ISBuzz Team
Writer , Information Security Buzz | Oct 16, 2019 05:10 am PST

MailGuard has detected a new phishing email scam purporting to be from Telstra.

First detected yesterday, the 15th October, the scam purports to be from Telstra and masquerades as a notification from the telecommunications giant. Using a display name of ‘Telstra’ with a domain to match, the email originates from a single forged email address. It is titled ‘$500 Citibank Visa prepaid gift card reward’. The email’s body incorporates the Telstra logo and branding and advises the recipient that they need to claim their gift card reward before ‘18/10/2019’. A ‘claim link’ is provided for recipients to click on to access their gift card.

Unsuspecting recipients who click on the link to claim their award are redirected to a second URL which simulates a Telstra login page. This is actually a phishing page designed to harvest confidential details users. When the user inserts their login credentials, they are then led to a blank page, which is probably meant to simulate a slow connection or unreachable destination.



Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Javvad Malik
Javvad Malik , Security Awareness Advocate
InfoSec Leader
October 16, 2019 1:11 pm

Phishing emails come in many colours and guises. While this one appears to originate from telstra, there will be many others from different companies using the same Modus operandi.

Therefore, companies should look to make their users aware of the tactics and techniques used by criminals and how phishing emails are structured. With an effective and consistent security awareness and training programme, users will become better at spotting and reporting attempted phishing emails regardless of the originating company and the call to action.

Last edited 3 years ago by Javvad Malik

Recent Posts

Would love your thoughts, please comment.x