Optus Email Scam Target Customers with Fake Late Payment Penalties

Phishing emails are an everyday occurrence, as they are effective in taking advantage of people’s easy propensity to trust corporate logo-bearing messages.  The number one motivation is profitability, there is money to be made from every poor victim of social engineering.

ACMA (Australian Communications and Media Authority) has warned the Australian public about a circulating fake email from Optus, a mainstream Aussie telecommunications company.

Below is the direct quote from ACMA’s official Facebook account: acmadotgov

OPTUS SCAM ALERT! Emails claiming to be from Optus are circulating. They want your credit card information for what is claimed to be an unpaid bill.

The ACMA has been receiving reports about emails with the subject line ‘We are unable to process your last payment’.

The fake emails are sophisticated and use a web address that looks like the real Optus website. The email contains a link to a fake ‘pay your bill’ page, which then asks for your credit card details.

The fake email and payment form are cunningly crafted to trick people. It’s important you check the legitimacy of email links to protect your personal information—use contact details you find through a legitimate source and not those contained in the suspicious message.

Optus customers are at risk when they receive the fake email, as it was specifically made to look like a legitimate email from Optus, complete with its official corporate logo. The phishing email is designed to turn-off the customer’s deductive reasoning skills by creating a false sense of urgency, as the email was all about unpaid bills.

“Optus was made aware of a phishing email that some Optus customers may have received over the weekend, requesting them to confirm their payment details. We reacted quickly to block the website linked to the email, which will ensure Optus mobile and internet customers who mistakenly click the link won’t be able to access the site. We’ve also reported the site and requested it is taken down,” said the Optus spokesperson.

Optus has emphasized that the company will never email a customer soliciting personally identifiable information, including financial details. They advise their customers to immediately report to Optus all instances of phishing emails bearing the name of the company.