Consumer controversies
Telkom’s Email Scare: What Really Happened and Why It Matters
A cyber attack that slipped through, and how Telkom shut it down
For one tense week in June 2025, Telkom was caught in the digital crossfire. An employee’s email account was compromised between 6 and 12 June, allowing phishing emails to be sent from what looked like a legitimate Telkom address. The subject lines? “TELKOM GROUP” and “TELKOM SA.” For many inboxes, that was enough to raise an eyebrow, or worse, prompt a click.
While phishing scams are nothing new, what rattled many was that this one came from inside the house, or at least looked like it did. Fortunately, the response was fast and firm. Telkom’s cybersecurity team shut it down, launched a forensic investigation, and tightened its internal controls. The company says the incident has now been fully contained, with no sensitive customer data breached.
Also read: New Chinese Cars Are Shaking Up South Africa’s Used-Car Market
What actually happened?
In short, an employee’s mailbox was hijacked, and phishing emails were sent to external recipients pretending to be official Telkom communication. These messages may have urged users to click on suspicious links or engage in fraudulent activity. But unlike most spam, they came from a real Telkom email address, making them harder to spot.
Once discovered, Telkom immediately contained the breach. In a public statement, the company said there was no evidence that financial data, ID numbers, or other personal information was accessed.
What should you do if you receive the email?
If you received an email with either of those subject lines, “TELKOM GROUP” or “TELKOM SA,” and haven’t opened it yet, delete it immediately.
If you did open it or click on any links, report it to your IT department and scan your device for malware. You can also reach out directly to [email protected] for guidance or reporting.
Why this matters beyond Telkom
South Africans are no strangers to phishing scams. From bank spoofing to fake delivery notices, our inboxes have become digital minefields. But when a trusted brand like Telkom gets exploited, even unintentionally, it hits differently. It raises questions about how cybercriminals are getting smarter and how businesses must stay a step ahead.
The fact that Telkom took quick action is encouraging, but it’s also a reminder that even large organisations with robust IT systems are not immune.
Image 1: iStock
How Telkom responded
The company has:
-
Blocked the compromised account
-
Deployed external cybersecurity experts for forensic analysis
-
Applied additional security controls internally
-
Kept operations running without any reported service disruption
The response appears to have been thorough and transparent, with Telkom committing to issue further updates if any new risks arise.
What the public is saying
On forums like MyBroadband and Twitter/X, the reaction has been mixed. Some applauded Telkom’s transparency. Others questioned how a phishing attempt was able to escalate through an internal channel in the first place.
One user posted, “Glad it’s contained, but if it came from inside their own server, what stopped it from being worse?” Another said, “Props to Telkom for owning it quickly. Wish our banks would act this fast when their names are misused.”
The bigger picture
This isn’t just a Telkom problem. It’s a 2025 problem. As cyber threats grow more sophisticated, email remains one of the weakest links in any digital environment, whether you’re a giant telecom or a freelancer with a Gmail account.
If there’s a lesson here, it’s this: vigilance matters. Whether you’re a customer, employee, or business owner, don’t click unless you’re sure. And always question unexpected messages, even if they look legit.
Also read: Lovisa’s Sparkle Under Scrutiny: Jewellery Brand Slammed for Misleading SA Consumers
Follow Joburg ETC on Facebook, Twitter , TikTok and Instagram
For more News in Johannesburg, visit joburgetc.com
Source: TechFinancials
Featured Image: MyBroadband
