An oddly styled Australia Post phishing scam has landed in inboxes, aiming to trick unsuspecting recipients into submitting their credit card details in order to receive a package. With a surge in online deliveries, and particularly at this time of the year as we reach peak holiday season, parcel delivery scams impersonating trusted names such as Australia Post are becoming commonplace, with expectant individuals and businesses warned to double-check any correspondence purporting to be from the popular delivery service.
The email sent to victims arrives with a subject heading ‘Your parcel [###] Waiting for delivery’ and seems to indicate that it’s from Australia Post, however, is actually from a Japanese business domain. Without addressing the customer by name (a red flag hinting at its’ illegitimacy), the body of the email informs the recipient that their shipment is ‘still waiting for [your] instructions’ and that it will be shipped as soon as a fee of 4.00 AUD is paid. The email is signed off, with ‘Thanks, The Service Australia Post’.
Here’s what the email looks like:
As you can see from the screenshot above, although scammers have copied Australia Post’s branding and colouring, the use of inconsistent text sizing and unprofessional messaging are signs that this is a scam. However, the inclusion of a package number as well as the company’s logo could very well confuse recipients who are indeed awaiting an urgent package or who are time-poor.
If the victim clicks on the red ‘Send my package’ they are taken to the intermediary page below, that seems to be hosted on a compromised website, before being redirected to a phishing page, asking for more information such as full name, address, phone number, and credit card details.
The phishing page below looks highly convincing, with a professional polish added to the mimicked Australia Post branding elements.
Once this information is entered and submitted, the attacker harvests the credentials for later criminal use, and the user is prompted for SMS authorisation to confirm the bank transfer.
If you suspect that you have received a scam email pretending to be from Australia Post, the postal service suggests forwarding it to firstname.lastname@example.org. More details can be found on their Online Security page here: https://auspost.com.au/about-us/about-our-site/online-security-scams-fraud.
MailGuard advises all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being.
MailGuard urges users not to click links or open attachments within emails that:
- Are not addressed to you by name.
- Appear to be from a legitimate company but use poor English, or omit personal details that a legitimate sender would include.
- Are from businesses that you were not expecting to hear from, and/or
- Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.
One email is all that it takes.
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.