Phishing scam causes Telstra email woe

Phishing scam causes Telstra email woe

Summary: A phishing scam has led to a number of compromised BigPond email accounts being used to transmit spam, which has caused some email addresses to be blacklisted, Telstra has confirmed.

SHARE:

A phishing scam has led to a number of compromised BigPond email accounts being used to transmit spam, which has caused some email addresses to be blacklisted, Telstra has confirmed.

Yesterday, Telstra said that it was investigating why several hundred BigPond users were unable to receive their email, with users reporting that they were receiving bounce-back notices for emails sent to BigPond addresses. Today, Telstra said that an investigation by the company's Spam National Operations Centre uncovered that the addresses had been blacklisted because they had been compromised and used to transmit spam.

"We believe that this is as a result of phishing scams where customers have been asked to provide their username and password in response to a fake email purporting to be from BigPond," Telstra told ZDNet Australia

"Telstra's SpamNOC is working with email blacklist operators to have the listings removed ASAP."

The phishing email purporting to be from BigPond advises customers to submit their username and password has been doing the rounds for several months. The email forced Telstra to issue a statement telling customers to ignore the email at around the same time that it was dealing with resetting passwords of 60,000 customers due to a separate security issue that saw customer details exposed online.

Telstra has advised BigPond customers who are seeing error messages in their inbox for messages they do not remember sending to reset their password immediately.

Topics: Security, Broadband, Telcos, Telstra

About

Armed with a degree in Computer Science and a Masters in Journalism, Josh keeps a close eye on the telecommunications industry, the National Broadband Network, and all the goings on in government IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • We should be aware of this types of scams!!!
    SabrinaS-e160e
  • "receiving bounce-back notices for emails sent to BigPond addresses"

    Nothing new. I've found this to be a regular BP event over many years when only my list of BP contacts suddenly starts bouncing & they have to switch to webmail providers for a week or so until their bouncing status ceases.
    grump-a1eeb
  • I was reading about DMARC at http://www.unlocktheinbox.com/resources/dmarc.aspx,
    perhaps they should try to implement something like this (even though its only in draft form right now) to minimize phishing and get at the source?
    wpfn-b6f0b