Telstra SCAM EMAIL May 2025

On a mobile phone screen, chances are that you will only see My Telstra and you won't notice the sender's email address

On a larger computer screen, it is easy to see the sender's email address which is clearly not from Telstra, however it is apparently from a BigPond address, which is of course Telstra, so it may not be obvious to some users

These emails are never personally addressed and that's because they don't know who you are, they just have your email address

They have not even bothered with a genuine Telstra logo

There is a threat that messages will be lost if action is not taken which creates a sense of urgency

The stated deadline is the same date the email was sent (Star Wars Day!) so the sense of urgency is reinforced

The solution is offered in the email via two links, they even offer an option to download a copy of your emails if you do not wish to continue using the email address

The sign-off is quite generic

The Privacy and Our Customer Terms "links" don't go anywhere, not that you should follow any email links anyway!

If you believe the email is genuine, this is where the trouble starts

Both links in the email take you to the same web page

The content of the web page looks fine, it has the proper Telstra logo and it politely asks you to sign in

But the web address is bogus
https://paper-flasher-8142.typedream.app

And you may also notice the Made in typedream in the bottom corner of the page

Most internet users will not notice either clue, they will just focus on the content of the page

More on typedream below

The web page looks like a Telstra Webmail login page, more or less

It is not particularly convincing, but if you don't know what the genuine Telstra Webmail login page looks like, it's pretty close

Again, the web address is not Telstra

https://mailifdnm.weebly.com/ 

But it's also not typedream!

More on Weebly below

There are numerous Do-it-Yourself website hosting companies around the world who offer a free trial if you would like to build your own web page

typedream is one of those companies

The idea is that you can build a web site, or indeed a single web page with whatever content you like, including text and images downloaded from other web pages on the Internet

It costs you nothing until you register a domain name and then you pay typedream an annual fee to host the site

But if you are happy with the free web address as per the scam page above, there is no cost at all and you can build as many free web pages as you like

So the scammer uses the web address
https://flower-fin-4579.typedream.app/
for their "Telstra" web page
where the genuine Telstra web address is
https://myid.telstra.com/identity/as/authorization.oauth2?client_id=b2c-webmail&nonce=a6adabc136937797f7deb6441af8c9fa8fa3ee3b4ed5b8b881a81edcea32f277&redirect_uri=https%3A%2F%2Femail.telstra.com%2Flogin%2Foidc%3Fid%3Da78b98eb-935a-4b92-a431-1993124e2b85&response_type=code&scope=openid+username&state=56f9dba026dbb312a6e5d34a4d56517e8306ccb88f14b60fcfef3be31888dcd5 

I kid you not, it's no wonder people focus on the content rather than the address of the web page! In fact, the genuine web page address looks quite dodgy and the fake web page address seems a tad more believable....

They have exactly the same business model as typedream where the scammer has created a free web page with the address
https://mailifdnm.weebly.com/  

That is a great question, but they need to stop

typedream has a page where you can report scams
https://typedream.com/abuse/reporting-phishing-or-spam
It takes less than a minute to make the report

I have submitted a report about the scam web page on their platform, they usually respond quickly and shut it down

Weebly has a page where you can report scams
https://www.weebly.com/uk/spam
but I could not find it on their website, Google found a 3rd-party reporting site
https://phish.report/contacts/Weebly
which had the above link

I have submitted a report about the scam web page on their platform, they usually quote 1 to 3 business days to respond

I have writen to them to say they need to be a bit quicker

The fake page has an oversized Telstra logo to say the least!

But the web address is bogus
https://tarsjhre5676543.loopple.com/ 

And you may also notice the Made with AI Builder in the bottom corner of the page

Most internet users will not notice either clue, they will just focus on the content of the page

More on Loopple below noting that this AI stuff is getting scary when it comes to scammers

Reported to Loopple

The web page looks like a Telstra Webmail login page, more or less

It is not particularly convincing, but if you don't know what the genuine Telstra Webmail login page looks like, it's pretty close

Again, the web address is not Telstra

https://bigggu765432sss.weebly.com/

But it's also not Loopple!

See Weebly comments above

Reported to Weebly

Another genuine Telstra logo

But the web address is bogus, and looks it!
https://us11.campaign-archive.com/?u=c77ee19d0ae0d72881a89ff26&id=e36c02fd8f

And you may also notice the Intuit Mailchimp logo in the bottom corner of the page

This is more complex than the examples above

campaign-archive.com is a domain apparently owned by Mailchimp and used as a free web address pending the registration of a domain name for the website.  Scammers don't usually bother to register domains because they know many victims will not notice the web address anyway!

Mailchimp offers a free website builder which is also being used by scammers

As with the other free website platforms above, Mailchimp is hell-bent on selling website hosting and is not aware (or does not care) that scammers are using Mailchimp for malicious purposes

They are relying on people like me to report these sites

Reported to Mailchimp

Again, a convincing looking fake Telstra Webmail login page

Again, the web address is not Telstra

https://biggg5432345678xzasdtyh.weebly.com/

But it's also not Mailchimp!

See Weebly comments above

Reported to Weebly