Active scams - Cyber Security
Our Cyber Security team constantly monitors suspicious emails, phone calls and texts to identify ways to minimise their impact and help you stay safe online.
This page is updated regularly but it’s not a complete list of all possible active scams and we’ve removed some specific details related to these scams. If you’ve received a suspicious call, email or text that doesn’t appear on this page, please report the scam to Telstra.
Fake “survey” or “prize” award
When visiting certain websites, a pop-up may appear notifying you of a prize of a new mobile phone or tablet, asking only that you fill out a survey, or pay a small amount for shipping. These are scams and not legitimate offers from Telstra. Note that this scam can also come as an email, or SMS. Telstra recommends using a reputable “ad blocker” for your web browser to minimise the impact of these scams.
Fake Bigpond or Telstra support services
Be wary of websites which claim to offer Bigpond or Telstra support services but are not affiliated with Telstra. There are many such sites out there, such as bigpond[.]numberXXXXralia[.]com or bigpondemailXXXp[.]com, aus-emailsuXXXrt[.]com, and none of them are approved by Telstra. Using these services may cost you considerably and put your personal information and computers at risk.
Fake job recruitment scams
Bogus job recruitment scams in which a job may be promised in exchange for personal details, identity documents, and so on. Many of the bogus recruiters may contact you via SMS, What’sApp or through sites such as freelancer.com . Telstra does not make use of these services for these purposes and any offer of employment made through them is not authentic.
Cryptocurrency account scams
Cryptocurrency accounts represent an attractive target for scammers. Be wary of any email, message, or online advertisement which may try to convince you to create, or log in, to a cryptocurrency account. Never provide remote access to your computer to anyone who claims to want to enlist your support to “track hackers” by using your cryptocurrency account.
ACMA Policy / Know Your Customer email scam
This email claims that due to a regulatory policy, you must fill out a form and take a picture of your identity documents (such as a driver's license) and upload them or send them to an email address controlled by criminals. You should never send sensitive personal information via electronic mail, and absolutely never take pictures of your identity documents and share them in this manner.
Fraudulent software invoice (refund) scam
This scam consists of two parts: A fraudulent invoice for a product or service (usually computer anti-virus software), and a telephone number provided to call to dispute the charges in the invoice. The goal of the criminal is to convince you to call the number they provide and enquire about the charges. They may claim to offer a refund and ask for your credit card information to provide the refund. Instead of giving you money back, the criminals will make large charges on your credit card, for which you may be held responsible. In some cases, this scam is combined with the "Fake Technical Support" scams mentioned above and scammers will attempt to gain control of your computer to obtain actual invoices or bills you may have saved, manipulate the contents, and send you the fake "new" invoice to pay.
“Your bill was paid twice” email scam
This is a very old email scam that returns every now and then. This scam claims that you accidentally paid your Telstra bill twice and are entitled to a refund. The email contains a link to a malicious website. If you are ever in question as to your Telstra bills or account, use the MyTelstra app or website to review the most recent status.
“Your AutoPay payment was unsuccessful” scam
In this email scam, a claim is made that Telstra was unable to process your last payment, and that a one-off payment is required to maintain services. The email contains a link to a malicious website and is often designed to gather your credit card information, or, other personal details.
Email Bill Overdue scam
This scam has many variations, but, contains a file attached which is an "HTML" or "ZIP" document, and usually has a name for the attachment such as "TRPB_1_K1702548545.html" or ends with ".zip". This document is a form of a phishing scam which, if opened, will appear in your web browser to look similar to a legitimate Telstra web page. The scam is designed to gather your personal information or username and password. Telstra does not send email bills as HTML or ZIP documents, so we would recommend deleting any email message which claims to be a Telstra bill and contains a document such as described here. You can always visit MyTelstra app or web to see the current status of your Telstra accounts and bills.
“Changes to Legal Agreements”
This email claims Telstra has made changes to legal agreements which apply to the recipient of the email. The message requests that you visit a website to “agree” to the policy updates. The email may threaten that if you do not click to “agree” that your account may be limited. Whilst Telstra may update our policies from time to time, we do not ask that you click on any links to agree to changes.
"Your last payment was declined"
This email claims that “an invalid billing associated” was detected on your account, and requests that you visit a malicious website which asks for personal or financial information. Variations on this scam have been around for over a decade, and some other recent examples are listed below.
Invoice “INT 1-[long number]” and “code 004” or “code 044” scam
An email scam that claims a credit card payment was not successful. It may include a reference to “code 004” or “044” and possibly a number like 1-22341284291 or 1-2234129558471 as an invoice reference number. A link to a malicious website is also included. Note that the “INT 1-“ number may change, but the message is still a scam.
This is an email based scam which attempts to extort the reader into paying a ransom in Bitcoin to prevent the release of sensitive information. In some versions of the scam, the “From” and “To” of the email may appear the same, which is a trick used by scammers. The scammer may claim to have access to a computer’s camera or sensitive files. This is a scam and Telstra does not recommend paying the ransom. For Bigpond/Telstra accounts, you can manage your password in MyTelstra and make sure it is strong and unique.
"Unsuccessful Direct Debit"
This is a phishing email claiming that a payment failure by a financial institution requires a new credit or debit card to be provided. Email contains link to malicious websites. May also ask you to “Update Your Payment Method”
Fake “Overpayment” or “Refund Bill” notification
The email claims that an overpayment of 393.23 * 2 (638.46) was made, and that the recipient of the email is due a refund. The amounts may vary but will typically contain an amount and a multiplier (* 2). Email may be signed by a “Gerd Schenkel”. Contains a link to malicious website.
Business Email Compromise scams
We have recently noticed an increase in what’s referred to as a Business Email Compromise scam. These emails claim to be from senior people in a company and ask for money to be transferred urgently, or, to pay an urgent invoice.
In some cases, they may request the purchase of electronic Gift Cards (such as iTunes, Netflix, Steam, or Google Play cards). Other versions of this scam include unexpected invoices with fraudulent “new banking details” being provided.
In some cases, criminals may also attempt to impersonate employees and ask for payroll departments to re-direct salary to bank accounts controlled by criminals. Telstra advises all customers to verify bank and payment information in invoices carefully and repeatedly, and to not accept requests for payment submitted via email without speaking to trusted individuals to confirm the request first.
Scams targeting Telstra customers
“Discount code” telephone scam
This is a variation on the “one time PIN/code” and “large discount” scams listed below. In this scam, the caller will attempt to trick victims into setting up a new MyTelstra username, with a password that they caller specifies. For example, callers may claim that to receive a 50% discount you need to enter “Discount2022” as a password. Telstra will never contact you in this manner, and we should not ask for, or provide you, with a password. If you receive a call that asks you to click on a link to receive a discount or other special offer, we recommend immediately hanging up.
Large discount phone & email scam
Some scammers may call you and offer a suspiciously large discount on Telstra services (40-100%), and to “confirm” the offer, they may try to send an email or SMS which contains the same offer. The email or SMS contains a link to a phishing scam website and is designed to trick you into providing your personal or financial information. Telstra advises you to hang up on any such call immediately and to delete the email and SMS.
“Your IP has changed from Private to Public” scam
In this telephone scam, the caller tries to convince you that your home network, and your IP address, has switched from a “private” to “public” mode, and that you are at risk. This is a trick to try to convince you to let the caller have remote access to your computer and home network. As always, Telstra advises you to immediately hang up on any such caller.
Telstra new telephone scam
A telephone call claiming to be from Telstra to validate the purchase of a new telephone. The callers may claim that that if you do not provide personal information that you will be charged for the device. They may also attempt to send you a One Time Code via SMS or email. These calls are not legitimate and are designed to gain access to your personal information or Telstra account.
We advise you hang up on any such caller immediately.
Telstra one time PIN/code scam
A phone call from a criminal pretending to be Telstra and asking for an SMS delivered PIN code in order to “upgrade” your Telstra service, or offer some sort of a discount (claiming up to 100% discounts). Telstra would never contact you in this manner and ask for the One Time PIN.
Never reveal one-time codes unless you initiated the call or transaction (such as with online banking).
nbn disconnection scam
A scam call where the caller claims to be from nbn and threatening disconnection from the Internet within 24-48 hours. Sometimes this call may be automated and ask you to press 1 or 2 to talk to a representative.
These calls and calls like them are fraudulent and you should immediately hang up.
Disconnection due to suspicious activity scam
Automated calls claiming to be from Telstra and threatening disconnection from the Internet due to suspicious activity seen on your line, or hacking activity seen on your line. Sometimes the caller will try to enlist your support to “catch a hacker.”
Other telephone scams
There is a problem with your IP address scam
These scams are not new and have been around for many years. The caller will state that there is a problem with your computer, or, more specifically, your IP address, perhaps even claiming that many people are using it from overseas. The goal of the scam is to obtain remote access and control of your computer.
ATO legal action scam
Calls claiming to be from the ATO and threatening legal action and/or arrest if action is not taken immediately. As above, these threats are in a computerised voice, and they will leave messages on voicemail.
Pay for an overdue bill with a gift card scam
No legitimate organisation in Australia will accept iTunes, Netflix, Steam, Google Play, or other gift cards as a way to pay for a bill - if a caller ever asks for you to obtain these to pay a debt, it’s definitely a scam!
myGov/ATO/Centrelink SMS scams
This scam is an SMS message which may claim there's a tax refund available, or provides another urgent reason that you must visit a malicious website and log in to myGov. There are many versions of this scam, and some appear similar to "MYG0V-AT0: Your 2021-2022 tax income of $28,898.45 is ready, visit https:<removed> to prepare." Note that this scam will frequently substitute a zero (0) for the capital letter O as seen in this example. Never click on a link in such a message and only go directly to the legitimate myGov website at https://my.gov.au or use their official "App".
New Device or Payment Confirmation SMS scams
In this scam, you may receive an SMS which claims to be from an Australian bank informing you of either a “new device” being registered on your account, a new PayID/OSKO contact, or, a new payment being processed. For example: “FROM BANK: There has been a login attempted from a new device. If this was NOT you, please call us urgently on <scam phone number>” or “BANK: You have successfully scheduled a transaction of $799.99 to payee <name> on 18/11/22. If this was NOT you, urgently contact us on <scam phone number>”. Note that some versions of this scam may direct you to visit a malicious website. Telstra’s SMS Scam Filter is regularly updated to help reduce this scam.
Fake road toll SMS scams
These scams claim to be a notification about an unpaid road toll. The messages may appear to be from organisations such as Linkt or EastLink, but many more simply claim that you have an urgent unpaid road toll that needs to be addressed. For example: “Linkt.:Your e-tag payment has been overdue on October to avoid fine charge please visit: <malicious website>”. Telstra advises to avoid clicking on these links and if you have any questions regarding any road tolls you may actually be responsible for to contact the appropriate organisation within your State or Territory. Telstra’s SMS Scam Filter is regularly updated to help reduce this scam.
Unexpected family member assistance SMS scam
This scam started out as a WhatsApp scam but became more widely known as the “Hi Mum” or “Hi Dad” scam. An unknown person will make contact via SMS and claim to be a family member, and in need of urgent financial assistance. The scammer will try to encourage SMS recipients to contact them via WhatsApp, or, to bank transfer a sum of money to a BSB/Account number. Telstra’s SMS Scam Blocking capability has been helping to reduce the prevalence of this scam, but continued vigilance and awareness of this scam is recommended.
Medicare/Health/Omicron/PCR test SMS
This scam makes a claim similar to “Someone who has encountered Omicron has been in close contact with you. A free PCR Test Kit must be requested at <malicious website>”. This phishing SMS is designed to trick you into providing personal and financial information. Telstra’s SMS Scam Blocking capability has been trained to try to prevent this scam message, but we recommend vigilance as there are always new variations being sent by criminals.
WhatsApp or iMessage related scams
Stay alert for suspicious employment or friendship offers which may be sent via secure messaging systems such as WhatsApp or iMessage. The employment scams claim to offer up to $2000 per day and request that you get in touch with a “job agent” via WhatsApp. The friendship scams pretend to be women interested in getting to know you, and also request follow-up conversations via WhatsApp. Both of these scams may ask for cryptocurrency payments. If you receive one of these scams, you should report it to the operator of the messaging service directly.
eBay/PayPal/Amazon fraudulent charge SMS
This SMS may claim that you have made a large payment for a new computer, phone, or other expensive item. A telephone number is provided for you to dispute the charge. These messages may contain what appears to be spelling errors. Do not call the telephone number provided in the SMS. An example message may appear similar to: “#Payment-Alert: You've paid A$2599.99 from your Bank Account info: PayPal TXN#401XVR15tq93 on 2021/11/11, If any Dispute, Dial us: < scam phone number > Thank you!!”
“Jassica” or “Christina Morrow” SMS scam
SMS claiming that “Jessica”, “Jassica”, or “Christina Morrow” “has shared an album with you” with a link to a malicious website (which may mention Facebook or Instagram in the URL). The website targets Android users and asks you to download and install a malicious APK (Android Package).
“Important” or “Urgent” messages from an Australian bank
“Urgent” messages that claim to be from an Australian bank and ask you to click on a link that is not a legitimate Australian Bank website. Many of these links end with suspicious Internet domains such as .mobi, .biz, or other locations which are not authentic.
Not a scam: tel.st!
Since 2012 Telstra has used a website link shortening service called “tel.st” - this is a legitimate service that Telstra operates. It is not a scam. We frequently use this when we need to communicate a long link to a website which may be too large for an SMS. We also use it in email from time to time. If you see a link which is pointing to “tel.st” then that link is one Telstra manages. If you’re ever unsure about an email or SMS, you can always contact Telstra Cyber Security at [email protected] and we’re happy to help answer your questions.
Not a scam: Opt-out in (some) SMS messages
In Australia, it is a requirement that organisations that use SMS for marketing purposes provide you with a convenient way to "opt-out" from future messages. In some cases this may be a request to reply to an SMS with a word like "STOP", and in other cases, it may be a request to visit a website to have your phone number removed from future marketing messages. Marketing messages from Australian organisations that adhere to the guidelines are not scams, and if you're ever not sure, you should contact the brand directly to enquire as to the legitimacy of their messaging, as well as how best to opt-out. Always be cautious with any website links provided in an SMS message, but also be aware that providing a way to opt-out is a legitimate requirement.
What to do if you think you’ve been scammed
If you believe you’ve become a victim of a scam, stay calm, here are a few steps you can take to help you take control.
Verify if it’s really Telstra contacting youCompanies or individuals sometimes contact our customers claiming to be from Telstra when they're not.
Report the scam to TelstraReporting a scam or suspicious messages will help us minimise the impact to our customers. You can use the form to report misuse of service, or email us at [email protected]
We’ll contact you if you need more helpIf you’ve reported to us that you’ve been scammed or have a specific question about a potential scam, our experts will contact you with more information and advice.
More about being scammed
- Stolen password - If you think a criminal has your password, change it immediately to a new, unique, and secure password. Go to My Telstra to change the password for your Telstra services. You should also consider using a reputable password manager to help keep your online passwords safe and secure.
- Financial account at risk - If you’re worried about the security of your credit/debit cards or bank account, contact your financial institution immediately.
- Identity theft - If you’ve shared personal information like your driver license, Medicare card, passport or other forms of ID, contact IDCare for help.
Find more tips on what to do if you think you’ve been a victim of cybercrime .
With cybercrime on the rise there’s a high chance you may become a victim of cybercrime even if you’re super vigilant.
Unwelcome communications can come as calls, texts or emails. Find out how to manage and report unwelcome calls or texts.
Easy ways to stay safe online
We lock doors and install alarms to protect ourselves and our belongings, so it's important to do the same against cybercrime.