Scamwatch round-up – EnergyAustralia, Telstra and CBA

Scamwatch round-up – EnergyAustralia, Telstra and CBA

Phishing scams have targeted some of the biggest Aussie brands this week

ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.

This week, EnergyAustralia, Telstra and the Commonwealth Bank have had their brands used in malware attacks delivered via dodgy emails to Australian inboxes.

On 20 November, large volumes of fake emails were intercepted by email filtering company, MailGuard. An email designed to look like a bill notice from EnergyAustralia was one of the fake emails picked up by the company.

In this instance, the perpetrators registered the energyau[dot]com domain with the intent to convince recipients the email was legitimate.

According to MailGuard, the domain was created with a Chinese domain registrar on Monday.

“MailGuard first spotted this email attack mid-morning and since then we’ve detected tens-of-thousands of them being sent out,” the company wrote in a blog post.

Screenshot (MailGuard)
Screenshot (MailGuard)

On Tuesday, 21 November, another large-scale fake email attack was verified, this time with cybercriminals using Telstra’s brand.

According to MailGuard, this is well executed attempt, using a sophisticated HTML design utilising authentic looking graphical elements and layout.

Similar to the Energy Australia attack on the previous day, cybercriminals behind this registered the domain telstraq[dot]com on Sunday in China.

By clicking on the bill link, recipients were being directed to a compromised SharePoint site where they were asked to download a .zip folder. The zip folder contains a malicious JavaScript file that acts as an agent to automatically download malware to the recipient’s computer.

The sender display name, Telstra, on the email header, and the authentic looking sender address; telstraemailbill_noreply[at]online[dot]telstraq[dot]com, gives the message a “very convincing” appearance, according to MailGuard.

Screenshot (MailGuard)
Screenshot (MailGuard)

The most significant attack of the week also took place on Tuesday, 21 November, in a phishing scam targeting Commonwealth Bank (CBA) customers to give away their credit card details.

The fake email tells recipients that their data has been changed, asking that if changes were not made by them to click and complete security measures.

By clicking the link, recipients were taken to a fake CBA page asking for their personal details followed by a page requesting their credit card details.

CBA has told customers on its website that “it’s important to remember that we will never send you a message asking you to confirm, update or disclose your personal or banking information”.

Screenshot (MailGuard)
Screenshot (MailGuard)

It seems that the bigger the brand, the more it is targeted by this type of scam. EnergyAustralia, Telstra and CBA have all had their names used on one or more fake email scams this year.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwareTelstraCBAscamEnergyAustraliaSCAMwatch


Show Comments