Bigpond Database Upgrade Phishing Scam
Outline
Email purporting to be from Australian Internet Service Provider Bigpond claims that, due to an upgrade of database servers, the recipient must reply with his or her login email address and password to ensure continued service.
Brief Analysis
The message is not from Bigpond and the claim that users must provide their account details because of a server upgrade is untrue. The message is a phishing scam designed to steal account details from Bigpond customers.
Detailed analysis and references below example.
Last updated: 24th January 2011
First published: 24th January 2011
Article written by Brett M. Christensen
Example
Subject: FINAL WARNING
Attention: BIGPOND Email User
BIGPOND is upgrading database Servers from the
old Servers (Nol06769) to the new Servers (No521766).
You are to fill the details below to enable us upgrade and
Verify from the old server.
FILL THE DETAILS BELOW OR ANYWHERE IN THE MAIL
Email Address:
Password:
Address:
City:
Attention: BIGPOND Account owners who do not update his or
her account immediately you receive this Notification
will have problems using our online facilities effectively.
Notification Code:CZX1G13ABJ
The "BIGPOND "Upgrade Team
Thanks for your co-operation.
Detailed Analysis
According to this email, which purports to be from Australian Internet Service Provider Bigpond, the recipient is required to reply to the message with his or her account email address and password. Supposedly, the information is required because Bigpond is upgrading its "database servers". The message warns that customers who do not provide the requested information will have problems using the service as a result. The email claims to be a "final warning" about the upgrade from the "Bigpond Upgrade Team".
However, the email is not from Bigpond and the claim that customers must provide account details because of a server upgrade is untrue. In fact, the message is a phishing scam designed to trick Bigpond customers into divulging private account details.
Those who fall for the ruse and reply with the requested details will in fact be handing over access to their accounts to Internet criminals. Once the scammers have this account information, they can log in to the customer's Bigpond account at will, steal or misuse any information stored there and use the customer's email account to send spam or other scam messages. The scammers are likely to change the customer's password so that he or she can no longer access email or Bigpond online services.
Bigpond - or any other legitimate service provider - will never ask customers to send passwords or other private information by replying to an unsecure email. Any message that asks you to reply with such information should be treated as highly suspicious. And, even if Bigpond were upgrading its servers, it would not require customers to provide account details via an email. Bigpond, and its parent company Telstra, are regularly targeted by phishing scammers, as are other telecommunications companies in Australia and elsewhere around the world.
Scammers often use similar ruses to trick recipients into handing over access to webmail accounts such as those provided by Hotmail and Gmail.
While the version discussed here asks recipients to directly reply to the email with their details, other phishing scams may ask recipients to follow a link that opens a bogus website where they are requested to provide details via an online form. Other variations of such scams may ask users to open and fill in a form attached to the email.
Users should be very cautious of any email purporting to be from their Internet Service Provider or webmail service that asks them to provide passwords and other account details either via email or via an online form.
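For readers who run a mail filter, the three delivery variants described above can be told apart with a simple heuristic. The following is an added example, not part of the original article: the keyword lists and the function name analyse are assumptions chosen for illustration, and SAMPLE is the example email from this page, abridged, with a constructed From header.

```python
import re
from email import message_from_string

# A blank "Label:" line is a form field the sender wants filled in and returned.
FIELD = re.compile(
    r"^[ \t]*(e-?mail address|user ?name|password|address|city)[ \t]*:[ \t]*\r?$",
    re.I | re.M)
URGENT = re.compile(r"final warning|immediately|will have problems", re.I)
LINK = re.compile(r"https?://\S+", re.I)

# Abridged from the example on this page; the From header is constructed.
SAMPLE = """\
From: upgrade-team@example.invalid
Subject: FINAL WARNING

Attention: BIGPOND Email User
FILL THE DETAILS BELOW OR ANYWHERE IN THE MAIL
Email Address:
Password:
Address:
City:
"""

def analyse(raw):
    """Return (variant, reasons) for one email message given as text."""
    msg = message_from_string(raw)
    text, attachments = [msg.get("Subject", "")], []
    for part in msg.walk():
        if part.get_filename():
            attachments.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True)  # undoes base64/quoted-printable
            text.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    body = "\n".join(text)
    fields = [m.group(1).lower() for m in FIELD.finditer(body)]
    reasons = []
    if "password" in fields:
        reasons.append("blank password field in body")
    if URGENT.search(body):
        reasons.append("urgency or threat wording")
    if "password" in fields:
        variant = "reply-with-credentials"   # the version shown on this page
    elif attachments and re.search(r"password", body, re.I):
        variant = "attached-form"
    elif LINK.search(body) and re.search(r"password|verify|login", body, re.I):
        variant = "link-to-form"
    else:
        variant = "none"
    return variant, reasons

if __name__ == "__main__":
    print(analyse(SAMPLE))
```

A match is a reason to quarantine or warn, not proof of fraud. The patterns only cover the wording seen in this example and would need extending for other campaigns.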
References
Phishing Scams - Anti-Phishing Information
Friend Stranded in Foreign Country Scam Emails
Telstra Bill Account Update Phishing Scam
Optus ADSL Service Cancellation Phishing Scam Email
Bell Canada Phishing Scam Email
Hotmail Account Closure Phishing Scam
Gmail Account Phishing Scam