Aussies beware: Recent data breach opens floodgates for a string of scams
Although we here at the SDC are heartbroken that so many of our fellow Australians had their personal information and privacy compromised in last month's Optus data breach, we're not surprised that opportunistic cybercriminals have used the news to roll out a wide variety of scams.
There were thousands of complaints sent to the Australian Competition and Consumer Commission (ACCC) in the weeks after the breach.
We've also been hearing reports of fake compensation claims, SIM card replacement requests, verification prompts, and general threats to customers coming in from all over the country.
As if being worried about our personal information floating around on the dark web wasn't enough!
Customers are now having to deal with hundreds of scammers who are taking advantage of people's concerns (as well as their lack of knowledge) about what's going on.
If you or someone you know has been affected by this data breach – either directly or indirectly – please keep reading for more information on how you can protect yourself against these dangerous scams.
Here are some of the various scams to look out for:
Bill payment error scams
There has been an increase in phishing emails posing as payment error warnings, asking recipients to verify account ownership by clicking a link so that their bill payment can be completed.
These frauds falsely claim to be affiliated with Optus by exploiting the company's name and logo.
One scam reads: 'There has been an issue with your monthly direct debit to pay for our services. We require you to update all information below, and pay all unpaid balances via our portal below.'
The ACCC has confirmed that Optus is not contacting customers to ask them to 'update' their billing information, and they have advised anyone who has received such a message to verify their accounts on their own or to contact the company via a verified channel.
'Use the organisation's secure app if it has one, or log in to its website using your normal login. You can also call the organisation back using a phone number you have sourced independently, such as from the Contact Us page on the organisation's official website.'
Compensation claims scams
Emails falsely state that users who had their information leaked are eligible for a part of the hefty payment that the data breach perpetrators have been required to pay after being ‘convicted and sentenced’.
The ACCC declared this to be a fraud and refuted any claims of financial compensation currently being provided.
'There is no financial restitution being sent to individuals caught in the data breach at this time,' they said.
Email account closure scams
The ACCC has also raised the alarm about what looks like automatically generated emails alerting users to the expiration of their passwords and other account credentials on a specific date.
The phishing emails ask the recipients to click on links so the sender can 'recover' the user's emails and keep the same password.
The ACCC said: 'Optus is not threatening email account closure if you do not update your password or verify your personal information.'
Ransom threat scams
Another newly reported scam is a text message informing the victim that a ransom of $1 million must be paid in cash because Optus has not replied to a previous ransom demand.
Scammers behind these messages pretend to be the cybercriminals behind the initial data breach and demand immediate payment to the bank account provided.
'If you receive demands to pay money with a threat that your information will be released, delete the message. Scammers are pretending to be hackers to make you give them money,' confirmed the ACCC.
Medicare payment details scam
Given that the data breach exposed Medicare information, some recipients would be more likely to fall for a scam asking them to 'update' their Electronic Funds Transfer (EFT) payment.
The email is full of links to other parts of the company's website and promises that clicking them will initiate 'payments for benefits' to the recipient. These messages feature the Medicare and Australian Government logo.
'Scamwatch has received reports about messages impersonating the government,' the ACCC said, adding: 'It is not from the Australian Government – it is a Medicare/MyGov scam.'
'Do not click on links in messages. Instead, go to the official Services Australia website for information.'
Remote access and phone scams
Scammers are taking advantage of the Optus data breach to conduct remote access attacks, in which they convince victims to install malware on their computer or mobile device so that they may gain unauthorised access to it.
Some examples of remote access software mentioned by the ACCC are TeamViewer QuickSupport, AnyDesk, and Zoho Assist.
'Scammers will claim to be from an organisation and provide a reason they need access to your device, including reasons related to the Optus data breach,' it said.
'Scammers may claim they need access to your device to secure it, fix it, investigate what the problem is, or even catch hackers on the device.'
Phone assistance scams
The ACCC has issued a warning about potential phone scammers related to the data breach, including those who claim to be able to help with 'identity rectification'.
'Scammers are offering to resolve compromised information documents if the recipient tells them which sort of document of theirs was impacted,' it said.
Instead of having a suspicious person 'help' you, please adhere to the instructions given here on IDCARE's official help website.
Key Takeaways
- Recent reports of scams targeting Optus customers following the data breach include fake compensation claims, SIM card replacement requests, verification prompts, and general threats.
- The millions of Optus customers who had personal details exposed last month are now being warned of the long list of new scams capitalising on their concerns.
- As customers work on updating their compromised information, scammers are posing as the Optus billing department and security department, Medicare, and even as the hackers involved in the initial data breach.
- These scams use the Optus logo and branding to appear legitimate and often include threats or promises of financial compensation.
- Customers are advised to be vigilant and to only update their information through official channels, such as the Optus website or app, and to not click on links or download software from unfamiliar sources.
- If you have been a victim of cybercrime or identity fraud, you can report it to the police via ReportCyber.
- Contact your bank or financial institution immediately.
- You can contact IDCARE, a free service that can help people recover from cybercrime or stolen identity.
- IDCARE is Australia and New Zealand’s national identity and cyber support service. They provide a free and confidential support service for those impacted by scams and identity crimes. You can contact IDCARE at 1800 595 160.
- Report scams to https://www.scamwatch.gov.au.