Compromised Email Accounts


If you’ve received a notification from us stating that your Telstra email account has been compromised, we believe your email address and password have been obtained without your permission.

There are a number of ways this may have occurred. For example, someone may have sent emails claiming to be from a company that you do business with and then coerced you to reveal your personal information. Visiting harmful web pages that install malware on your computer can also put your personal information at risk.

It’s important to understand why, and what you can do to prevent it from happening in future.


So your email account has been compromised. Now what?

If we detect suspicious activity, we will temporarily suspend your account to prevent someone else from using it. We understand that this can be inconvenient, but we take your privacy very seriously, and want to ensure we protect you from having any further personal details compromised.

You’ll need to contact us and state ‘compromised email account’ so we can help you through the process to reactivate your email account.

Once your account is reactivated, there are a few steps you can take to further protect your account and minimise the likelihood of it being suspended again:

  1. Check the filtering and forwarding rules in your email to ensure these have not been changed without your knowledge
  2. Make sure your antivirus software is up to date, then run a virus scan on your computers and devices to ensure there is no malware or viruses present. If you don’t have security software, we highly recommend you invest in a program to help you and your family stay safe online
  3. Update the passwords for all your associated email accounts.


To change your password:

  1. Sign in to My Telstra using your Telstra ID.
  2. If you have more than one account, you will need to select the relevant account from the blue bar at the top of the screen.
  3. Select the Profile icon on the top right of the screen.
  4. Select Manage Mailboxes from the left-hand menu. Select Manage next to mailbox.
  5. Select the correct email address and select the Manage Mailboxes link.
  6. A new screen will open, then select Change Password.
  7. Follow the rest of the prompts and select Save.
  8. Repeat for each of your accounts.



How can I minimise the risk of my account being compromised again in the future?

You can take the following actions to keep your account safer and make it easier to recover if it’s ever compromised again.


1. Create a strong password for your account (and don't tell anyone!):

  • Make it at least eight (8) characters long.
  • Don't use your username, real name, your kids’ names, common words or company names.
  • Don't use simple passwords - e.g. "password1234" or "qwertyuiop".
  • Make it significantly different from previous passwords and don't use the same password for all of your accounts.
  • Include a combination of uppercase and lowercase letters, numbers, and symbols (such as !, #, *).
  • Use random words, rather than random characters, to make passwords easier to remember - e.g.:
    • "adgj1541A@" is hard to remember.
    • "CapitolCopperGlueTeam5" is easier to remember.


2. Make sure your antivirus and operating system have the latest updates.

Most antivirus programs and operating systems have free software updates to enhance security and performance. Because updates are important for keeping your computer safer, Telstra strongly recommends that you set up your computer to get these updates automatically.


3. Never reply to email asking for your password, personal information or financial information.

Telstra will never ask for your password or other personal details by email, so never reply to an email asking for any personal information (even if it claims to be from Telstra, BigPond, Microsoft, Windows, Hotmail, Outlook etc.).


4. Never download unsolicited software, apps or plugins (including toolbars, browser extensions etc.).

5. Be careful signing in to your account from public computers or unsecured wireless networks.

  • If you often use public computers or unsecured wireless connections, consider changing your account to always use HTTPS via Webmail.
  • Visit for more information





