A nasty parcel delivery scam purporting to be from Australia Post is currently being blocked by MailGuard. With the festive season well and truly upon us, combined with the increase in parcel deliveries due to COVID related restrictions that are still in place nation-wide with customers eagerly awaiting packages, there is no shortage of phishing attempts by cybercriminals who are taking full advantage to steal sensitive credentials for follow-on criminal activity. It’s imperative that Australia Post customers remain vigilant upon receiving any communication pertaining to deliveries, especially one’s that you are not expecting.
In this phishing email, scammers have included the date and time details in the subject of the email, ‘Your package is waiting for delivery 12/06/2021 06:29:54 am’ from the sender ‘Customer’ to try and lure unsuspecting victims into believing this is a legitimate Australia Post communication. The body of the email uses the Australia Post logo and colouring to advise the recipient that their parcel will be delivered after a payment of $4.00AUD. Details such as the package number and ID number are included to further confuse victims.
Here’s what the email looks like:
![Your package is about to return to sender UA808068168190935167543AU - Mozilla Thunderbird_731[33]-1](https://www.mailguard.com.au/hs-fs/hubfs/Your%20package%20is%20about%20to%20return%20to%20sender%20UA808068168190935167543AU%20-%20Mozilla%20Thunderbird_731%5B33%5D-1.png?width=725&name=Your%20package%20is%20about%20to%20return%20to%20sender%20UA808068168190935167543AU%20-%20Mozilla%20Thunderbird_731%5B33%5D-1.png)
Upon closer inspection, the grammatical errors and poor formatting presented throughout the email, as well as the obscure email address, allude to this being a scam. The payment of $4.00AUD to receive a package in the current climate of delivery delays and increased purchases may not seem like a big trade-off, however, it’s important that victims are aware that this is not standard business practice for Australia Post, as confirmed by the national service, "Australia Post will never email, call or text you asking for personal or financial information or payment. Report a suspicious email or text message that appears to be from Australia Post to scams@auspost.com.au and delete it immediately”.
If a user clicks on the ‘Continue to Payment’ red button, they are taken to the first phishing page, that requests the full name and address of the recipient.
After entering these details, victims are taken to a similar page (below), this time asking for their credit card details.
![Personal, Business, Enterprise Tracking — Mozilla Firefox_744[20]](https://www.mailguard.com.au/hs-fs/hubfs/Personal%2c%20Business%2c%20Enterprise%20Tracking%20%E2%80%94%20Mozilla%20Firefox_744%5B20%5D.png?width=1869&name=Personal%2c%20Business%2c%20Enterprise%20Tracking%20%E2%80%94%20Mozilla%20Firefox_744%5B20%5D.png){kind=tracking}
Once these details have been submitted, users are directed to the following verification page, whereby the credit card details are used to process a payment. A technique often used by cybercriminals to feign authenticity.
If you suspect that you have received a scam email pretending to be from Australia Post, the postal service suggests forwarding it to scams@auspost.com.au. More details can be found on their Online Security page here: https://auspost.com.au/about-us/about-our-site/online-security-scams-fraud.
MailGuard advises all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being.
MailGuard urges users not to click links or open attachments within emails that:
- Are not addressed to you by name.
- Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.
- Are from businesses that you were not expecting to hear from, and/or
- Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.
One email is all that it takes
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.
