Hi Folks, I just received this smish claiming to be from Optus.
The domain instantly flagged me as suss. I detonated the link at app.any.run, which took me to a captcha page to make it look more legit and also to validate I'm a real person, not a tool or robot.
Once I submitted the captcha, it took me to a clone of the real Optus customer login page, asking me to enter my credentials (so the attacker could harvest them).
'Test@test.com' and 'test' failed, stating it was incorrect; looks like they have set up the email address field to look for an @optusnet.com.au address. Entering email@example.com and a password of password, it happily harvested my credentials and redirected me to the real Optus website (as expected). Always be vigilant for these types of phishing scams and always go direct to the site it's mentioning, not following any links.
The IoCs for this one: