A phishing scam has led to a number of compromised BigPond email accounts being used to transmit spam, which has caused some email addresses to be blacklisted, Telstra has confirmed.
Yesterday, Telstra said that it was investigating why several hundred BigPond users were unable to receive their email, with users reporting that they were receiving bounce-back notices for emails sent to BigPond addresses. Today, Telstra said that an investigation by the company's Spam National Operations Centre uncovered that the addresses had been blacklisted because they had been compromised and used to transmit spam.
"We believe that this is as a result of phishing scams where customers have been asked to provide their username and password in response to a fake email purporting to be from BigPond," Telstra told ZDNet Australia
"Telstra's SpamNOC is working with email blacklist operators to have the listings removed ASAP."
The phishing email purporting to be from BigPond advises customers to submit their username and password has been doing the rounds for several months. The email forced Telstra to issue a statement telling customers to ignore the email at around the same time that it was dealing with resetting passwords of 60,000 customers due to a separate security issue that saw customer details exposed online.
Telstra has advised BigPond customers who are seeing error messages in their inbox for messages they do not remember sending to reset their password immediately.