Issue 137 - August 2012 (2nd Edition) - Page 22
Bigpond Security Service Phishing Scam
Outline
Message purporting to be from Australian Internet service provider Bigpond claims that the Bigpond Security Service has limited access to email features until users restore their accounts by replying with their username and password.
Brief Analysis
The message is not from Bigpond and the claim that email accounts have been limited is untrue. The message is a phishing scam designed to trick recipients into sending their account login details to Internet criminals.
Detailed analysis and references below example.
Last updated: August 6, 2012
First published: August 6, 2012
Article written by Brett M. Christensen
Example
Subject: BIGPOND SECURITY SERVICE
BIGPOND Manage my Account
Dear BIGPOND Customer, We have temporarily limited all access to sensitive account features in our E-mail accounts.
In order to restore your account access, you need to reply to this email immediately with your user-name:(_________________) and password:(___________).
Due to much junk/spam emails you receive daily, we are currently upgrading all email accounts spam filter to limit unsolicited emails for security reasons and
to upgrade our newly improved E-mail account features to ensure you do not experience service interruption. You must reply to this email immediately with
your user name and password to enable us upgrade your E-mail Account properly.
A confirmation link will be send to you for the Re-Activation of your e-mail Account, as soon as we received your response and you are to Click on the
"Confirm E-mail" link on your mail Account box and then enter this confirmation number: 1265-6778-8250-8393-5727.
Thank you for using BIGPOND webmail
Account Warning Code: QOTOSBCG8B52AXV BIGPOND webmail Account Service
Team Management. Thanks for your co-operation.: Technical Support Copyright 2012.
Detailed Analysis
According to this message, which claims to be from large Australian Internet service provider Bigpond, the company is upgrading its email spam filters. Therefore, claims the message, access to "sensitive account features" in all Bigpond email accounts has been limited to allow the upgrade. Account holders are instructed to reply to the email with their username and password immediately in order to restore full account access and avoid further service interruption.
However, the email is certainly not from Bigpond. And the claim that Bigpond has limited account access due to an upgrade is a lie. In fact, the message is a phishing scam that attempts to trick recipients into divulging their Bigpond account login details to cybercriminals.
Those who comply with the request in the scam email and send their username and password will in fact be handing their accounts over to the criminals running the phishing attack. Once they have received login details, the criminals can then use them to hijack Bigpond accounts at will and use them for their own fraudulent purposes. Firstly, these crooks may change login details so that the legitimate users can no longer gain access to their own accounts. Then, they may use the hijacked accounts to launch further spam and scam attacks. They may also steal any personal information about their victims that they can find in the compromised accounts.
No legitimate service provider is ever likely to ask its customers to provide their username and password by replying to an email. Any email that makes such a request is virtually certain to be a scam. Variants of the scam may try to trick users into clicking a link that opens a bogus website that is designed to look like a real Bigpond website. Other versions may try to entice victims into filling out a fake form contained in an attached file. Like other Internet service providers around the world, Bigpond has been regularly targeted in such scams.
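The rule stated above, that a message asking for a username and password by reply is a scam, can be written as a mail-filter check. The Python code below is an added example and not part of the original article. The indicator names, the negation list and the benign control message are assumptions constructed for illustration, and the scam sample is abridged from the example on this page.

```python
import re
from email import message_from_string

# Indicators taken from the wording of the scam on this page (names are illustrative).
INDICATORS = {
    "asks_for_reply": re.compile(r"\breply(ing)?\s+(to\s+this\s+e-?mail|with)\b", re.I),
    "names_credentials": re.compile(r"\buser[\s-]?name\b.*\bpassword\b", re.I | re.S),
    "fill_in_blanks": re.compile(r"\(_{3,}\)"),
    "urgency": re.compile(r"\bimmediately\b|\bservice interruption\b", re.I),
}
# A genuine notice may say "we will never ask you to reply with your password".
NEGATION = re.compile(r"\b(never|do not|don't|will not|won't)\b", re.I)

def body_text(msg):
    """Return the plain-text body (samples here are unencoded 7-bit text)."""
    if msg.is_multipart():
        return "\n".join(p.get_payload() for p in msg.walk()
                         if p.get_content_type() == "text/plain")
    return msg.get_payload()

def credential_reply_request(body):
    """True if one sentence asks for a reply containing username and password."""
    for sentence in re.split(r"(?<=[.!?])\s+", body):
        if (INDICATORS["asks_for_reply"].search(sentence)
                and INDICATORS["names_credentials"].search(sentence)
                and not NEGATION.search(sentence)):
            return True
    return False

def assess(raw):
    msg = message_from_string(raw)
    body = body_text(msg)
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(body))
    return {"subject": msg["Subject"], "indicators": hits,
            "phishing": credential_reply_request(body)}

# Abridged from the example message on this page.
SCAM = """\
Subject: BIGPOND SECURITY SERVICE

Dear BIGPOND Customer, We have temporarily limited all access to sensitive account features in our E-mail accounts.
In order to restore your account access, you need to reply to this email immediately with your user-name:(_________________) and password:(___________).
"""
# Constructed control message: mentions the same words but negates the request.
BENIGN = """\
Subject: Scheduled maintenance notice

We are upgrading our spam filters tonight. We will never ask you to reply to this email with your username and password. To check your account, type our web address into your browser.
"""

if __name__ == "__main__":
    for sample in (SCAM, BENIGN):
        print(assess(sample))
```

The verdict depends on a single sentence combining the reply request with both credential terms, so a provider notice that only warns against sharing passwords is not flagged.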
Users should be very cautious of any message that claims that they must provide account login details or other personal and financial information due to a service upgrade or suspension, billing errors, account validation requirements or similar reasons. If you receive such an email, do not reply. Do not open any attachments or click any links that the email contains. The safest method of accessing your online accounts is to enter the account's web address into your browser. Phishing is an extremely common type of Internet fraud that constantly targets users of many different service providers, companies and financial institutions all around the world.
References
Optus ADSL Service Cancellation Phishing Scam Email
AOL Deactivated Account Phishing Scam
Bigpond 'Broadband Service Suspension' Phishing Scam
Bigpond Database Upgrade Phishing Scam