Scamwatch: Fake Skymesh Invoices
We recently received a number of enquiries about a scam email that was sent to a large number of Skymesh customers.
What did the scam look like?
The aim of the scam was stealing credit card information, as well as personal information.
This email claimed to be from Skymesh and made references to a ‘missed payment’. Recipients were asked to click on a link and update their payment information, but this link did not lead to My Skymesh and would instead take customers to a third-party site.
The legitimate Skymesh site is located here https://skymesh-uat2.ap-southeast-2.elasticbeanstalk.com – however, the scam message about directed customers to a completely different website. The link in the scam email claims to direct customers to the Skymesh website but, if you mouse-over the address in the scam email, it is clearly leading to a different and illegitimate site.
In this case, the scam email contained a Skymesh logo and it was sent to Skymesh email addresses and may have looked very convincing.
If you clicked on the link and entered your user name and password, you should log in to My Skymesh and change your password immediately. If you use this password anywhere else, you should discontinue use of that password.
If you entered your credit card information, please contact your financial institution immediately.
Is there any thing to be worried about?
The scam email used our Support address for any replies, but this is the same as writing a fake address on the back of a postal envelope.
This does not mean that any of Skymesh’s servers have been breached, or that anyone has stolen confidential information about users from Skymesh.
As a growing service provider, we are just big enough that its profitable for people to pretend to be from Skymesh when creating scam messages. This is similar to scam callers pretending to be “from Telstra” or “from nbn” when dialling Australian numbers.
We have included a link to a pertinent example from the ACCC’s Scamwatch website, here.
How can you stay safe online?
There are some simple steps that any person can use to protect themselves from scams:
- Scam messages will usually try to scare you, panic you or provoke some other emotional response. If you receive an email that seems like its intended to make you upset and it also demands money or personal information from you, it is most likely a scam.
- If you think that a link might not be legitimate, don’t click on it. If you’re asked to call a phone number that might be dodgy, don’t call that number – instead, use Google to look up the number of the Skymesh help-desk to make sure you’re not being lead astray.
- Real messages from Skymesh should contain your name and specific information about your service, as well as an invitation to contact us by emailing our Support inbox or calling our Support hotline if you have any questions.
What does Skymesh do to keep you safe online?
Skymesh provides information to help customers identify spam messages. Unfortunately, its not possible for us to be everywhere or prevent all scam messages. The more stringent we make the filters on our end, the more likely it is that we will also prevent legitimate emails from reaching customers.
Our front-line staff help customers to identify known scams and did an excellent job in responding to an influx of enquiries about this message.
Skymesh provides useful information on our website to help identify scams, here.
We also provided a detailed breakdown of another scam that did the rounds earlier this year, which is available here.
This breakdown is being provided as part of our ongoing commitment to protecting you.
If you receive an email containing a suspect link in future and you’re sure that its a fraud, we encourage you to simply delete it or mark it as spam in your email client.
Our Support staff receive copies of these scam messages so we’re aware of scam messages that are in high circulation.
Our Support team do answer questions from Skymesh customers who would like peace of mind about suspicious emails, so if you are not sure we encourage you to contact us via email or by calling our Support hotline.
We hope this information is useful to you and thank you for your continued support.