Scam invoices are trying to trick Optus customers

Alex Kidman 5 September 2016

scam_computer_shutterstock_450

Don’t be too quick to click that link in a suspicious-looking Optus bill.

If you’re an Optus customer and your inbox has suddenly received an invoice out of the blue, with clickable options to pay the bill immediately, don't click! Use a little caution.

As Mailguard points out, it’s part of a mass wave of fake Optus invoices being sent out that instead direct you to a fake site that looks like Optus’ payment gateway, but actually isn't.

According to Mailguard, it’s instead a site based in Russia with the URL payoptusbill dot com (we’re not even going to type it so you can’t accidentally end up there) registered less than 24 hours ago that then deploys a rather nasty trojan onto your computer if you click through to the link. If enabled, the trojan will try to nab your personal identity information

Subject lines, addresses and invoice amounts are randomised, so you can’t simply look out for a specific amount or other giveaway that it’s a fake invoice.

But I’m an Optus customer! How can I tell the fakes from the real thing?

The existence of fake invoices isn’t an inbuilt excuse not to pay your very real invoices. You can check for the URL as in this case, but that can be obfuscated too.

The best single way to ensure that your account is accurate and up-to-date if you do receive an email invoice is to note the amount, then open a fresh browser window and head to Optus’ web site. Follow the links on that site to your account portal, sign in and check your invoice details from there. If they match it’s all good, and you can pay your bill as normal.

If the invoice doesn’t appear in your account or doesn’t match, it’s dodgy, and you should delete it without clicking on any links within at all in any way.

Latest broadband headlines

Image: Shutterstock

The latest broadband offers on finder

Ask an Expert

You are about to post a question on finder.com.au:

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • finder.com.au is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, read the PDS or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms and Conditions and Privacy Policy.

5 Responses

  1. Default Gravatar
    GwenDecember 28, 2016

    I had a similar email a couple of months ago which I treated as suspicious and deleted. Just now I received an email with a legitimate-looking Optus URL telling me my account was overdue. It looked totally legitimate in layout, colour, spelling, banner ads and so on. Everything was correct, name of account, amount due, date due, etc, etc, etc. I know my credit card expiry date needs updating on some automatic payments so I almost followed through. Two things bothered me. It wouldn’t let me proceed to view my account until I entered my billing details, which was annoying but I dismissed as a programming glitch. I was even thinking “good on Optus, they delete your credit card details when the expiry date has passed”, but THEN my driver’s licence details were requested. I puzzled over why for a few minutes, until I decided to back out and open my Optus account in a separate browser. It was then I remembered I don’t even pay this bill by credit card!!! And sure enough, my bill payments were completely up to date, so this was definitely a scam. I thought I would share this info for the benefit of your followers – - – but I also ask – - – how do these scammers get such accurate billing information in the first place?

    • Staff
      AnndyDecember 28, 2016Staff

      Hi Gwen,

      Thanks for reaching out and I’m sorry to hear about your experience. I’m glad you were not able to proceed in giving your credit card details.

      This matter is best reported to Optus so they can do something to prevent this from happening to their customers in the future.

      Additionally, we have a guide on this page that can help you identify and avoid credit card fraud and scams.

      Cheers,
      Anndy

    • Default Gravatar
      December 28, 2016

      Thanks Anndy, I am happy to confirm I also reported this to Optus. I couldn’t find where to do so on their website, but I found it on the bottom of their invoice, as an afterthought, in small print, yellow on an aqua background – all negatives for us seniors, struggled to read a blessed thing. And the first place I spotted it was on the fake email! Also many thanks for the link, best, Gwen

  2. Default Gravatar
    GregOctober 30, 2016

    About 3 days ago, I opened an bogus Optus email believing it was for a friend that uses my email address. Showed as an account due so opened it to print out for friend. However, I soon realized that it was suspicious file as my computer protection asked permission to access my registry, which I denied. I now have a flashing notification from my Registry Editor asking permission to proceed. I have clicked cancel, closed window, ran Malware and Virus protection, nothing worked, as soon as I clear the notification it reappears. I have tried rebooting the computer, normally and in safe mode, but just got the same result. I wonder how can I get rid of it?

    Thanks in advance,
    Greg

    • Staff
      JasonOctober 30, 2016Staff

      Hi Greg.

      Thank you for reaching out.

      There can be several ways to resolve this concern. First, make sure that you delete the suspicious file that you’ve downloaded. Try closing the suspicious file or application first on Task Manager when it’s not allowing you to delete the file. You can then do a system restore and revert the computer’s system back to a previous date and select the date before you downloaded or opened the bogus Optus email. Please update and run your malware and virus protection software after doing system restore to make sure that your system is protected.

      I hope this helps.

      Cheers,
      Jason

Ask a question
feedback