Sunday, January 23, 2011

Phishing Scam for Bigpond, Australian Internet Service Provider, Customers - - Required Log-in Details Due to Upgrading of Database Servers

Beware! Its a Cyber World - - Summary:

Email pretending to be from Australian Internet Service Provider Bigpond, claims that, due to an upgrade of database servers, the recipient must reply with his or her log-in email address and password to ensure continued service.

In fact, the message is not from Bigpond and the claim that users must provide their account details because of a server upgrade is untrue. The message is a phishing scam designed to steal account details from Bigpond customers. 

Let's have a look to the mail contents:


Attention: BIGPOND Email User

BIGPOND is upgrading database Servers from the old Servers (Nol06769) to the new Servers (No521766). You are to fill the details below to enable us upgrade and Verify from the old server.

Email Address:

Attention: BIGPOND Account owners who do not update his or her account immediately you receive this Notification will have problems using our online facilities effectively. Notification Code:CZX1G13ABJ

The "BIGPOND "Upgrade Team Thanks for your co-operation.

Beware! It's a Cyber World  - - Explanation:

According to this email, which purports to be from Australian Internet Service Provider Bigpond, the recipient is required to reply to the message with his or her account email address, and password. Supposedly, the information is required because Bigpond is upgrading its "database servers". The message warns that customers who do not provide the requested information will have problems using the service as a result. The email claims to be a "final warning" about the upgrade from the "Bigpond Upgrade Team".

However, the email is not from Bigpond and the claim that customers must provide account details because of a server upgrade is untrue. In fact, the message is a phishing scam designed to trick Bigpond customers into divulging private account details.

Those who fall for the ruse and reply with the requested details will in fact be handing over access to their accounts to Internet criminals. Once the scammers have this account information, they can then login to the customer's Bigpond account at will, steal or misuse any information stored there and use the customer's email account to send spam or other scam messages. The scammers are likely to change the customer's password so that he or she can no longer access email or Bigpond online services.

Bigpond - or any other legitimate service provider - will never ask customers to send passwords or other private information by replying to an unsecure email. Any message that asks you to reply with such information should be treated as highly suspicious. And, even if Bigpond was upgrading its servers it would not require customers to provide account details via an email. Bigpond, and its parent company Telstra, are regularly targeted by phishing scammers as are other telecommunications companies in Australia and elsewhere around the world.

Scammers often use similar ruses to trick recipients into handing over access to webmail accounts such as those provided by Hotmail and Gmail.

While the version discussed here asks recipients to directly reply to the email with their details, other phishing scams may ask recipients to follow a link that opens a bogus website where they are requested to provide details via an online form. Other variations of such scams may ask users to open and fill in a form attached to the email.

Users should be very cautious of any email purporting to be from their Internet Service Provider or webmail service that asks them to provide passwords and other account details either via email or via an online form.

No comments:

Related Posts Plugin for WordPress, Blogger...