Wednesday, February 20, 2008

Australia: Telstra Helps Phishers pwn Its Customers

Liam Tung writes on the ZDNet.co.au "Securify This!" Blog:

Following a rash of Telstra customers reporting phishing attacks, the telco has issued advice on how to discern the real Telstra from fake ones -- but the advice it gives is more likely to help phishers than its customers.

Telstra customers will continue receiving marketing e-mails, despite being targeted by phishing e-mails and fake Telstra doorknockers.

"We do communicate with clients by e-mail. That always includes the full company name and ABN (Australian Business Number). We also ask customers to log in to the Mybigpond secure Web page. We never ask customers to send confidential e-mails, we don't include links to download and only include attachments if there is a strong reason to explain why," a Telstra spokesperson said.

Well, this is pretty handy information. If you're a phisher, simply type "Telstra ABN" into Google and you're half way there to gaining a user's trust.

More here.

0 Comments:

Post a Comment

<< Home