Scammers are targeting millions of Telstra customers with a phishing scam that promises a refund, only to steal personal and banking information from unsuspecting victims. As this is a safety issue with potentially up to 18 million customers affected (as estimated by Telstra), we're going to take a deep dive into what this scam is and what to do if this scam is spotted.

Just remember that if you need support or someone to talk to, our Sonder support team is available 24/7 to chat whenever you need it.


What is this Telstra phishing scam?

This phishing scam involves fake emails being sent out to unsuspecting Telstra customers and promising a refund of sorts, only to steal Telstra ID login information and subsequently accessing bank accounts or take control of phone numbers.

Like most phishing scams, this begins with a fake email being sent to Telstra customers from a 'Service Inc' and containing a long-winded subject line containing the word 'Refund' in it.

The email is a pretty convincing recreation of a real Telstra email and it alerts the recipient that their account has been "paid twice due to a system error". In order to get the supposed amount refunded, the email instructs the recipient to click the enclosed 'Refund the amount' button and follow the instructions.

If the 'Refund the amount' button is clicked, the user will be taken to a phishing page at 'complianceassistance.us', which has no association with Telstra. This phishing page is designed to look very similar to the login page used by Telstra and it can be easy to get them mixed up.

The user is asked to enter their Telstra ID login details, which will then be harvested by scammers for later use. Here's what this page looks like:

image002-Aug-29-2022-02-25-48-21-AM

The next page, which is again crafted to look like a legitimate Telstra site, prompts the user to enter their credit card details, which will then be stolen by the scammers. After this stage, the site redirects the user to a page that prompts them to enter a one-time code sent to their mobile number. Once entered, the user is directed to the genuine Telstra website.

This phishing email scam is pretty convincing, especially to those who may be struggling financially. However, there are a number of red flags in the email that reveal it to be a scam, including:

  • Use of a generic "Dear customer" greeting

  • Poor grammar and typos in the email copy

  • Failure to mention a refund amount

  • Suspicious zip files or other attachments

  • The use of a DHL reply-to-email address

  • The incorrect URL for the Telstra login page.

What to do if you spot this scam

If you've received a phishing email of any kind, the first thing is to avoid opening it and then delete it directly from your inbox. If you've accidentally clicked on a link in the phishing email, do not enter any information in the site you're directed to. If you've clicked on or saved a suspicious attachment deleted it immediately and run an anti-virus scan on your device.

After all that, report the scam to Telstra here and include as much detail as possible.

If you've shared personal or financial details in response to the phishing email, you need to:

  • Contact your bank immediately to let them know what happened and ask what they can do to help.

  • Change the passwords for any online accounts that might be at risk. Make sure to enable two-factor authentication for an extra layer of security.

  • If you've shared personally sensitive information, such as your driver's licence, passport details, or contact details, visit IDCare for assistance on how to address potential identity theft.

  • File a report with the Australian Cyber Security Centre here.

Related reading:


If you have any questions or need extra support, we're here to help you anytime in any language. Simply start a chat with us via the home screen of the Sonder app.

Information sourced from: Mailguard and Telstra

Image credit: Wikimedia Commons

All content in Sonder's Help Centre is created and published for informational purposes only. It is not intended to be a substitute for professional advice.

Did this answer your question?