The Australian Competition and Consumer Commission’s (ACCC) 2013 Targeting Scams Report shows the number of reports to the ACCC about email scams increased by nearly 14 per cent in the past year, which indicates scammers are using email to ‘phish’ for personal information.
Phishing emails are designed by cyber criminals who target consumers and large enterprises around the world, including Telstra and our customers.
These emails look very authentic, often including company logos and slogans, to trick you into opening them. They often contain a link or an attachment, which is designed to entice you into clicking on it.
These links and attachments could be infected with malicious software (known as ‘malware’) which, when clicked, starts to infect your device and possibly give other people access to your information.
In other cases, the email could be designed to trick consumers into clicking on embedded links, so that they disclose their personal details, like their name, address and personal banking details. These details are then captured and can then be used illegally.
An example of a phishing email that Telstra has recently detected is entitled ‘Update billing information’. It appears to be sent by Telstra, but upon closer inspection you can tell it’s a fake.
Another version of a phishing email that cyber criminals send out contains a link with malware called ransomware.
It’s important you do not open these emails and particularly the embedded link in them.
The ransomware hijacks your computer and encrypts your files so you can’t access them. It also encrypts files on any group (shared) drives that you have access to.
When the ransomware locks you out of your computer, it displays a message detailing how you can ‘free’ your PC by paying the ransom. The cyber criminals who are responsible for sending the ransomware try to obtain payment and your credit card details.
If you ever get this kind of message DO NOT PAY THE RANSOM under any circumstances. You do not know where the payment is sent and there is no guarantee the cyber criminals will release your PC.
At this point the information on your PC is already lost and you need to do a complete rebuild. If you don’t have a back up, then your information is gone.
Take a moment and think before you click: don’t become the next phishing victim.
Tips to avoid being a victim of phishing emails
- Beware of unsolicited requests for sensitive information – don’t click on embedded links in emails or sites you don’t know or trust. If in doubt, visit trusted websites by typing the internet address (URL) directly into the browser address bar, rather than clicking on a link embedded in an email.
- Never respond to requests for personal information in an unexpected email or pop-up window.
- If in doubt, always contact the company that claims to be the sender of the email or pop-up window, using their official contact details.
- Make sure all your devices are protected with regular updated anti-virus and anti-spyware software.
- Use a spam filter to help block unsolicited and unwanted email.