Scammers Exploit Bigpond’s Name the Australian ISP through E-mails

Scam e-mails masquerading as messages from Australia's Bigpond, the widely-subscribed ISP (Internet Service Provider) across the country, have been detected targeting innocent end-users, reported softpedia.com dated August 6, 2012.

Displaying a caption "Bigpond Security Service" and addressing recipients as Bigpond customer, the scam electronic mail tells that the user's access to each and every sensitive function of the ISP's e-mail account has been tentatively restricted, therefore for regaining the lost account access, he requires answering the e-mail instantly while providing his username and password.

The e-mail then states that because the Bigpond customer (e-mail recipient) receives plenty of spam/junk e-mails everyday, the ISP is presently upgrading its spam filter and every e-mail account for preventing entry of unsolicited e-mails. This is for maintaining the safety of its customer's account as also for upgrading its just enhanced E-mail account facilities towards making sure there's no interruption in the ISP's service to the individual. The user must answer the current e-mail quickly while giving his user ID and password so Bigpond can improve his e-mail account with the requisite features.

Moreover, once the user responds to the e-mail, he'll be sent one confirmation web-link with which he can activate his e-mail again by following the "Confirmation E-mail" web-link followed with typing in the given 1265-6778-8250-8393-5727 confirmation number, the e-mail concludes.

But, the e-mail isn't surely a Bigpond message, state security researchers who further state that everything said in it apparently, on behalf of Bigpond, is untrue. Indeed, it's a phishing e-mail, which makes an attempt at duping readers into revealing the login credentials for personal accounts on Bigpond for cyber-criminals to gain admission into them, the researchers explain.

And once, the crooks know the login details they'll likely compromise the Bigpond accounts followed with exploiting them for own illegal activities.

The entire procedure involves first altering the login credentials in order that the actual accountholders can't get admission into their own e-mails. Thereafter, the crooks may compromise those e-mail accounts for using them in executing more scam or spam assaults. And finally, they may even filch some personal data regarding the victims from the said hijacked accounts.

Related article: Scammers Collect MySpace Passwords Via Phishing

» SPAMfighter News - 8/11/2012