Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Optus ADSL Service Cancellation Phishing Scam Email

Outline
Email, purporting to be from telecommunications company Optus, claims that, because a recent payment was rejected, the recipient must follow a link to update account information or risk suspension of ADSL service.



Brief Analysis
The email is not from Optus and the claim that a payment was rejected is untrue. The message is an attempt to trick recipients into handing over personal and financial information to Internet criminals.

Bookmark and Share
Detailed analysis and references below example.



Scroll down to submit comments
Last updated: 9th November 2010
First published: 9th November 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Optus ADSL Service Cancellation.

Dear Customer,

Optusnet is sending you this email to inform you that your payment has been rejected by our system.This might be due to a recent change in your personal information OR you have submitted incorrect information during bill payment process.

As mentioned above you have to update your optus profile now to avoid service suspension, BY CLICKING HERE.

If you have already confirmed your billing information then please disregard this message as we are processing the changes you have made.

Regards,

Optus Adminstration

Billing Department




Detailed Analysis
According to this email, which claims to be from large Australian based telecommunications provider Optus, the recipient's Optus ADSL service may be suspended if he or she does not immediately update account details. The email claims that a recent payment was rejected by the company's payment system and urges the recipient to click a link in order to correct errors in his or her Optus account details so that the payment transaction can proceed. The message warns that a failure to update the account profile as requested will result in a service suspension.

However, the message is not from Optus and the claim that a payment has been rejected is a lie designed to fool Optus customers into submitting personal and financial information to Internet scammers. Those who believe the claims in the email and click the link as instructed will be taken to a webpage that asks them to login using their Optus username and password. Although the webpage may closely resemble a genuine Optus webpage, it is in fact part of a fraudulent site designed to steal information. Once the victim has "logged on" to the bogus site, he or she will then be taken to another page that requests credit card numbers and other financial and personal information. All information submitted on the bogus site - including the username and password - can be collected by the criminals operating the scam and used for credit card theft and other fraudulent activities. Armed with the stolen username and password, the scammers can also access the user's real Optus account. Given that the scam website may look very much like the genuine Optus website, the victim may not realize that he or she has been phished until it is far too late.

In recent months, a very similar phishing scam has targeted customers of Telstra, another Australian telecommunications provider. Neither Optus nor Telstra is ever likely to send customers unsolicited emails requesting them to provide financial and personal information via links in the messages. In fact, users should be very wary of any unsolicited emails that claim that their account with a given service provider or financial institution needs to be updated. This is a very common ruse that has been successfully used by phishing scammers for several years.

Bookmark and Share

References
Telstra Bill Account Update Phishing Scam
Phishing Scams - Anti-Phishing Information

Last updated: 9th November 2010
First published: 9th November 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer