Telstra SCAM EMAIL May 2025
assisted by typedream, Weebly, Loopple, Weebly, Mailchimp & Weebly so far...
assisted by typedream, Weebly, Loopple, Weebly, Mailchimp & Weebly so far...
We often get asked how scammers get access to people's mailboxes, here is a classic example, in this case the scammer is pretending to be Telstra
On a mobile phone screen, chances are that you will only see My Telstra and you won't notice the sender's email address
On a larger computer screen, it is easy to see the sender's email address which is clearly not from Telstra, however it is apparently from a BigPond address, which is of course Telstra, so it may not be obvious to some users
These emails are never personally addressed and that's because they don't know who you are, they just have your email address
They have not even bothered with a genuine Telstra logo
There is a threat that messages will be lost if action is not taken which creates a sense of urgency
The stated deadline is the same date the email was sent (Star Wars Day!) so the sense of urgency is reinforced
The solution is offered in the email via two links, they even offer an option to download a copy of your emails if you do not wish to continue using the email address
The sign-off is quite generic
The Privacy and Our Customer Terms "links" don't go anywhere, not that you should follow any email links anyway!
If you believe the email is genuine, this is where the trouble starts
Both links in the email take you to the same web page
The content of the web page looks fine, it has the proper Telstra logo and it politely asks you to sign in
But the web address is bogus
https://paper-flasher-8142.typedream.app
And you may also notice the Made in typedream in the bottom corner of the page
Most internet users will not notice either clue, they will just focus on the content of the page
More on typedream below
The web page looks like a Telstra Webmail login page, more or less
It is not particularly convincing, but if you don't know what the genuine Telstra Webmail login page looks like, it's pretty close
Again, the web address is not Telstra
But it's also not typedream!
More on Weebly below
The scammer gets your email address and password
The scammer will attempt to login to your mailbox
If they are successful, they will monitor your mailbox for emails relating to financial transactions
They are particularly looking for requests for payment and invoices which they can then modify
If they are successful, you will pay money to the scammer rather than the intended recipient
Use unique passwords, if you use the same password for Facebook, Instagram, eBay and PayPal, you are making it too easy for the scammer
If you have what is known as Multi-Factor Authentication (MFA) attached to your mailbox, the scammer will also need a code from your phone
You may even see a code appear on your phone which may indicate a scammer is trying to open your mailbox
The scammer will usually give up at this point and move on to a softer target without MFA
If you do not have MFA in place, do it now!
We can assist you to set up MFA or you may have a knowledgeable friend, family member or colleague who can help you
Not ethat even with MFA, a scammer may try and pretend to be you and recover your password using a number of recovery methods like secret questions and answers, backup codes etc but as I have mentioned above, this gets progressively more difficult for the scammer and they typically moive on
There are numerous Do-it-Yourself website hosting companies around the world who offer a free trial if you would like to build your own web page
typedream is one of those companies
The idea is that you can build a web site, or indeed a single web page with whatever content you like, including text and images downloaded from other web pages on the Internet
It costs you nothing until you register a domain name and then you pay typedream an annual fee to host the site
But if you are happy with the free web address as per the scam page above, there is no cost at all and you can build as many free web pages as you like
So the scammer uses the web address
https://flower-fin-4579.typedream.app/
for their "Telstra" web page
where the genuine Telstra web address is
https://myid.telstra.com/identity/as/authorization.oauth2?client_id=b2c-webmail&nonce=a6adabc136937797f7deb6441af8c9fa8fa3ee3b4ed5b8b881a81edcea32f277&redirect_uri=https%3A%2F%2Femail.telstra.com%2Flogin%2Foidc%3Fid%3Da78b98eb-935a-4b92-a431-1993124e2b85&response_type=code&scope=openid+username&state=56f9dba026dbb312a6e5d34a4d56517e8306ccb88f14b60fcfef3be31888dcd5
I kid you not, it's no wonder people focus on the content rather than the address of the web page! In fact, the genuine web page address looks quite dodgy and the fake web page address seems a tad more believable....
They have exactly the same business model as typedream where the scammer has created a free web page with the address
https://mailifdnm.weebly.com/
That is a great question, but they need to stop
typedream has a page where you can report scams
https://typedream.com/abuse/reporting-phishing-or-spam
It takes less than a minute to make the report
I have submitted a report about the scam web page on their platform, they usually respond quickly and shut it down
Weebly has a page where you can report scams
https://www.weebly.com/uk/spam
but I could not find it on their website, Google found a 3rd-party reporting site
https://phish.report/contacts/Weebly
which had the above link
I have submitted a report about the scam web page on their platform, they usually quote 1 to 3 business days to respond
I have writen to them to say they need to be a bit quicker
My friend Bill received almost the same email a few days later
The content and scam strategy are largely the same but with different fake web addresses
The fake page has an oversized Telstra logo to say the least!
But the web address is bogus
https://tarsjhre5676543.loopple.com/
And you may also notice the Made with AI Builder in the bottom corner of the page
Most internet users will not notice either clue, they will just focus on the content of the page
More on Loopple below noting that this AI stuff is getting scary when it comes to scammers
Reported to Loopple
The web page looks like a Telstra Webmail login page, more or less
It is not particularly convincing, but if you don't know what the genuine Telstra Webmail login page looks like, it's pretty close
Again, the web address is not Telstra
https://bigggu765432sss.weebly.com/
But it's also not Loopple!
See Weebly comments above
Reported to Weebly
Bill has a BigPond email address which tends to attract spam, so he is a good resoruce for us!
Again, different fake web addresses....
Another genuine Telstra logo
But the web address is bogus, and looks it!
https://us11.campaign-archive.com/?u=c77ee19d0ae0d72881a89ff26&id=e36c02fd8f
And you may also notice the Intuit Mailchimp logo in the bottom corner of the page
This is more complex than the examples above
campaign-archive.com is a domain apparently owned by Mailchimp and used as a free web address pending the registration of a domain name for the website. Scammers don't usually bother to register domains because they know many victims will not notice the web address anyway!
Mailchimp offers a free website builder which is also being used by scammers
As with the other free website platforms above, Mailchimp is hell-bent on selling website hosting and is not aware (or does not care) that scammers are using Mailchimp for malicious purposes
They are relying on people like me to report these sites
Again, a convincing looking fake Telstra Webmail login page
Again, the web address is not Telstra
https://biggg5432345678xzasdtyh.weebly.com/
But it's also not Mailchimp!
See Weebly comments above