With the subject line ‘URGENT ACCOUNT REVALIDATION PROCESS’ the hoax email asks members to undergo re-validation process by replying to the email with their iiNet password and full name according to an iiNet advisory.
The ISP received several reports from users and participants of popular online forum, Whirlpool, according to Simon Parker, Network Operations Centre Manager at iiNet,
“As soon as we picked that up we took action,” Parker said. "Those [emails] that hadn’t been read were actually removed and cleaned out. Unfortunately some people would have read the emails so we put the email page up and advised people immediately.”
The iiNet advisory urges those that replied to the email to immediately reset their passwords by visiting their account toolbox at https://toolbox.iinet.net.au/ or by calling the iiNet support team.
“We actually suggest that people change their user names and passwords on a regular basis, it’s just good computer security,” Parker said.
According to the advisory, iiNet will never ask users to confirm passwords via email. Furthermore, Parker said this was the first time iiNet had fallen victim to a scam such as this.
Asked how the attackers conducted the campaign, Parker said they often run scripts that will send emails to everything at a domain name such as simon@iinet.net.au.
The Commonwealth Bank of Australia released a
similar warning in early February after the popular bank discovered a phishing attack trying to steal user account details.