Telstra and Optus Impersonation Scams — How Criminals Use Your Phone Company Against You

Telecommunications companies — particularly Telstra and Optus — are among the most impersonated organisations in Australia by telephone scammers. Because virtually every Australian has a mobile phone and broadband connection, a call claiming to be from your telco has an extremely wide potential victim pool. And because most Australians have had genuine frustrations with their telecommunications service at some point, a call about connection problems is immediately credible.

What Fake Telco Callers Want

These calls typically claim there is a critical problem with your service or that you are owed a refund. Their actual goals are: to get you to install remote access software like AnyDesk or TeamViewer — giving them full control of your computer and access to your banking; to get your account login details or personal information to enable SIM swapping; or to get you to purchase gift cards as payment for fake security upgrades or service restoration fees. All three goals can result in significant financial losses and are difficult or impossible to reverse once completed.

The SIM Swap Attack — Explained

SIM swapping is particularly damaging because it compromises not just your phone but every account that uses SMS-based two-factor authentication — which includes most Australian bank accounts. The attacker calls your mobile carrier posing as you, provides personal details obtained from data breaches or social media, and requests your phone number be transferred to a new SIM they possess. Once successful, your phone loses service and the attacker receives all your calls and SMS messages — including every bank one-time code sent to verify transactions. This is why MFA via authenticator app is more secure than SMS-based MFA.

Impersonation of Your Internet Provider

Callers may specifically impersonate your internet service provider — which they may know from data that links your name and suburb to your provider — rather than generic "Telstra" or "NBN." This level of personalisation makes the call seem more credible. The caller may know your name, your suburb, and sometimes your account details obtained from data breaches or public information.

How to Respond

Hang up on any unsolicited call claiming to be from Telstra, Optus, your internet provider, or NBN Co about connection problems, security issues, or refunds. Do not press any numbers or engage with the call. Call your provider directly using the number on your bill or their official website — not any number provided by the caller. If you are concerned about your service, log in to your account directly through the provider's app or website. Never install software at the instruction of an unsolicited caller, and never purchase gift cards for any reason requested over the phone.

After You Have Hung Up

If you have received one of these calls and are concerned there may be a genuine issue with your service, contact your provider directly using the number on your bill or the official website — not any number provided by the caller. Log in to your account through the official app to check for any genuine notifications. In virtually every case, there is no actual issue — the call was entirely fraudulent. If you have already given information to a scammer or allowed remote access to your computer, contact your bank's fraud line immediately, change all passwords from a clean device, and run a full security scan.

Reporting and Protecting Others

Report these scam calls to Scamwatch at scamwatch.gov.au. Your report helps the ACCC track scam operations and warn other Australians. If you received the call on a mobile, you can also report the number to your carrier — Telstra, Optus, and Vodafone all have processes for reporting scam numbers, and in some cases can block or flag these numbers for other customers. If you experienced a SIM swap, contact your mobile carrier's fraud team and change the passwords and recovery options on all accounts that use that phone number for MFA. IntrusionX provides security awareness education for businesses and families — contact us to learn more.