Xmas Parcel Scam - Fake Aust Post Email

Posted by Emmanuel Marshall on 11 December 2017 16:23:36 AEDT

Earlier today, MailGuard stopped a new criminal-intent email from arriving in its customers inboxes. This scam exploits Australia Post's name to gain trust.

As you can see in the screenshot below, this email is meant to make the recipient think that the post office is holding an undelivered parcel for them.


With Xmas right around the corner the timing of this scam is particularly opportunistic. This is the busiest part of the year for parcel delivery, and scammers know that during the holiday season people are distracted and potentially more vulnerable to trickery.

We’re all eager to get our Xmas shopping on time, so we might not think twice before clicking a link in an email like this.

Clicking this link would be a really bad idea. The link would take you to a zipped file that contains malware. MailGuard isolated and halted the malicious file before it could do any harm, but this kind of malware file can do a lot of damage, installing spyware or viruses (see screenshot below).


Xmas Brandjacking

Brandjacking is the scam technique where well known brands are used to deceive victims. Scammers focus on companies and organisations that are so recognisable that people won’t hesitate to click on messages that appear to come from them. The other characteristic that makes an organisation attractive to brandjacking scammers is popularity; if it’s a service we all use, then it’s perfect scam-bait.

It’s hard to think of a better known and trusted institution than the post office, so of course Australia Post branding get’s ripped-off by scammers fairly often.

This is a large scale fraud attempt, so there are going to be a lot of these messages landing in unprotected inboxes.

It’s particularly important to be alert for cybercrime at this time of year. Criminals take advantage of the holiday rush to prey on busy email users, so be careful opening emails.

  • check the ‘sender’ info on email headers carefully
  • rather than clicking on links in messages, open your browser and type the URL in yourself
  • if you’re not sure whether a message is legitimate, phone the organisation it appears to be from and check
  • if you have received a message like this, get in touch with us at MailGuard for free advice: 1300 30 44 30


Take Action to Defend Your Business

Email borne cyberattacks can be enormously costly and destructive, and new scams are appearing every week. Don’t wait until it happens to your business; take action to protect your business and your staff from financial and reputational damage, now.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering protection to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates




Topics: Australia Post Scam Email cybercrime brandjacking Threat Update

Back to Blog


    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Recent Posts

    Posts by Topic

    see all