Billing Information Spoofing Campaign

Recently, some TELUS customers have received phishing emails, designed to look like a request from TELUS to provide or update their billing information, or make payment on an overdue bill. These emails are part of a phishing campaign designed to trick users into sharing personal information by clicking on a malicious link included in the body of the email. Pretending to be from a company you know and trust and suggesting something bad may happen if you do not follow through (late charges, suspension of service) are typical methods fraudsters use to try pressuring people into taking action before checking the email is from a safe and trusted source.

Please note that TELUS never sends emails or texts to customers asking them for their password or payment information.

How do I know if I’ve received a spoofed phishing email?

We know spotting a phishing email can be difficult. Ask yourself the questions below if you think you’ve received a possible phishing email. These questions can help highlight tell-tale signs of this specific campaign:

  • Does the email start with an impersonal greeting like “Dear” or “Help Customer”?
  • Does the link included in the body of email direct you to a TELUS website? You can easily reveal where a link will take you by hovering your mouse over the link. If the website listed doesn’t match, this is a good sign the link is malicious and should not be clicked on.
    Screen Shot 2018-12-24 at 6.04.22 PM
  • Does the message try to convey a sense of urgency, pressure you into taking immediate action and/or urge you to click on a link or attachment?
  • Is the email from an organization you trust, but is unexpected and/or from someone you don’t know?
  • Is the email asking you to provide personal information, sensitive information, log-in, account information, passwords or PIN?
  • Does the body of the email contain odd, inconsistent formatting and/or spelling mistakes?

If the answer is yes to any of these questions, the email should be treated as a possible phishing attempt.

What is TELUS doing about phishing campaigns?

TELUS is committed to safeguarding our customers’ data. As part of this commitment, TELUS:

  • Works closely with our trusted technology partners to help block phishing attempts. This is an ongoing effort as fraudsters respond to our actions by slightly changing their messages in an attempt to circumvent our protective measures.
  • Contacts web hosts to remove any discovered spoofed website associated with phishing campaigns.
  • Reports confirmed phishing websites to GoogleSymantec and ESET to build awareness about these sites within the security community.

How to report a suspicious email

If you have received a suspicious text message or possible phishing email to your account:

  • Do not click on any links and/or attachments within the suspicious email.
  • Forward the message to the TELUS Internet Abuse team.

Phishing emails can also be reported to the Canadian Anti-Fraud Centre (CAFC), which collects information and criminal intelligence on fraud.

Click here to learn more about reporting fraud to the CAFC or call 1-888-495-8501.