FAKE Internode EMAIL
Greg Williams - 9 November 2022
The number of email scams is increasing rapidly, it was already pretty bad but recent data breaches by Optus & Medibank, among others, has increased the likelihood that you will receive a very convincing scam email, SMS or phone call sooner rather than later!
In this case, one of our customers (thanks LC!) reported this attempted scam email today
It starts with an email...
The sender email address is not true but looks convincing
undisclosed-recipients is a red flag
the sense of urgency is also a red flag
Never Click here unless you know how to spot a fake web page
The Internode web address takes you to the genuine Internode web page but next time it may not be
The Internode phone number is genuine but next time it may not be
The only reason I know which links are genuine and which links are dangerous is because I click on them! Do not try this at home.
What happens if you Click here?
The web address is clearly bogus
Scammers get away with dodgy web addresses because a) plenty of people find web addresses hard to comprehend anyway and b) there is always a primary focus on the content of the web page
So, in this case, there is an authenticate looking Internode login page, in fact an exact copy of the genuine Internode Webmail page
Ironically, the scammers have even copied the text from a genuine Internode login page which gives you enough information (if you read it, and who does...) to see that the web page address is in fact bogus!
So, what happens if I sign in to the scam web page?
Nek Minnit, the scammer is inside your mailbox looking for an opportunity to steal your money
They will particularly look for any hint of financial transactions, passwords or login credentials and then create havoc
The scammer can add filters to your mailbox which hides the genuine email you received and they replace it with a fake email
That fake email could change banking details for a payment you need to make, and they can also alter PDF invoices so that you pay the scammer's bank account rather than the intended recipient
They can also harvest your contacts and email them pretending to be you, and so it goes on
The irony?
If Internode actually had multi-factor authentication (MFA) for their customer mailboxes, scammers would have little chance of success with this type of scam. Like a house-breaker who moves on to the less-secure house in the street, scammers will move on to a less secure mailbox if you have MFA attached to your email login
For more information
Contact us for more information as to how you can stay secure online