Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Bigpond Security Service Phishing Scam

Outline
Message purporting to be from Australian Internet service provider Bigpond claims that the Bigpond Security Service has limited access to email features until users restore their accounts by replying with their username and password.



Brief Analysis
The message is not from Bigpond and the claims that email accounts have been limited is untrue. The message is a phishing scam designed to trick recipients into sending the account login details to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Last updated: August 6, 2012
First published: August 6, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: BIGPOND SECURITY SERVICE

BIGPOND Manage my Account

Dear BIGPOND Customer, We have temporarily limited all access to sensitive account features in our E-mail accounts.
In order to restore your account access, you need to reply to this email immediately with your user-name:(_________________) and password:(___________).


Due to much junk/spam emails you receive daily, we are currently upgrading all email accounts spam filter to limit unsolicited emails for security reasons and
to upgrade our newly improved E-mail account features to ensure you do not experience service interruption. You must reply to this email immediately with
your user name and password to enable us upgrade your E-mail Account properly.

A confirmation link will be send to you for the Re-Activation of your e-mail Account, as soon as we received your response and you are to Click on the
"Confirm E-mail" link on your mail Account box and then enter this confirmation number: 1265-6778-8250-8393-5727.


Thank you for using BIGPOND webmail

Account Warning Code: QOTOSBCG8B52AXV BIGPOND webmail Account Service
Team Management. Thanks for your co-operation.: Technical Support Copyright 2012.




Detailed Analysis
According to this message, which claims to be from large Australian Internet service provider, Bigpond, the company is upgrading its email spam filters. Therefore, claims the message, access to "sensitive account features" in all Bigpond email accounts have been limited to allow the upgrade. Account holders are instructed to reply to the email with their username and password immediately in order to restore full account access and avoid further service interruption.

However, the email is certainly not from Bigpond. And the claim that Bigpond has limited account access due to an upgrade is a lie. In fact, the message is a phishing scam that attempts to trick recipients into divulging their Bigpond account login details to cybercriminals. Those who comply with the request in the scam email and send their username and password will in fact be handing their accounts over to the criminals running the phishing attack. Once they have received login details, the criminals can then use them to hijack Bigpond accounts at will and use them for their own fraudulent purposes. Firstly, these crooks may change login details so that the legitimate users can no longer gain access to their own accounts. Then, they may use the hijacked accounts to launch further spam and scam attacks. They may also steal any personal information about their victims that they can find in the compromised accounts.

No legitimate service provider is ever likely to ask its customers to provide their username and password by replying to an email. Any email that makes such a request is virtually certain to be a scam. Variants of the scam may try to trick users into clicking a link that opens a bogus website that is designed to look like a real Bigpond website. Other versions may try to entice victims into filling out a fake form contained in an attached file. Like other Internet service providers around the world, Bigpond has been regularly targeted in such scams.

Users should be very cautious of any message that claims that they must provide account login details or other personal and financial information due to a service upgrade or suspension, billing errors, account validation requirements or similar reasons. If you receive such an email, do not reply. Do not open any attachments or clcik any links that the email contains. The safest method of accessing your online accounts is to enter the account's web address into your browser. Phishing is an extremely common type of Internet fraud that constantly targets users of many different service providers, companies and financial institutions all around the world.


Find out more about phishing scams.


Bookmark and Share



References

Optus ADSL Service Cancellation Phishing Scam Email
AOL Deactivated Account Phishing Scam
Bigpond 'Broadband Service Suspension' Phishing Scam
Bigpond Database Upgrade Phishing Scam


Last updated: August 6, 2012
First published: August 6, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer