Bill payment error scams
One scam that the ACCC has identified is fraudulent emails relating to service bills, the fake emails going so far as to use the Optus logo to impersonate the company, prompting recipients to re-verify account ownership and pay outstanding bills that do not exist. The ACCC confirmed that Optus “is not contacting people about their bills", advising customers to check their accounts independently or contact Optus directly to discuss any concerns.
Fake financial compensation claims
Scam emails are doing the rounds, stating that the data breach “offenders have been prosecuted and ordered to pay a large settlement”, claiming that compromised customers “are eligible to receive a portion” of it.
The ACC has confirmed that there is “no financial restitution being sent to individuals caught in the data breach at this time”.
Medicare payment details
Unfortunately, Medicare details were compromised in the data breach, meaning that some customers may be more susceptible to sophisticated email scams impersonating the Australian Government.
Recipients have been promoted to “kindly update your Electronic Funds Transfer (EFT) payment”.
“Scamwatch has received reports about messages impersonating the government,” the ACC said. “Do not click on links in messages. Instead, go to the official Services Australia website for information.”
Remote access and phone scams
The ACCC has also confirmed that scammers are using the Optus data breach to hack into devices and access personal information.
“Scammers will claim to be from an organisation and provide a reason they need access to your device, including reasons related to the Optus data breach,” it said.
“Scammers may claim they need access to your device to secure it, fix it, investigate what the problem is, or even catch hackers on the device.”
Phone assistance scams
Lastly, the ACCC has released a warning about phone scams relating to the data breach, including those that offer assistance with “identity rectification”.
“Scammers are offering to resolve compromised information documents if the recipient tells them which sort of document of theirs was impacted,” it said.
The latest updates on the Optus databreach can be found here.