Delivery scams are a favourite of cybercriminals, and the latest example spoofing Australia Post is no exception. Arriving in inboxes across the country, the subject line claims that your ‘Package AU289903100715 is on hold’.
The branding of the email suggests that the notification is from Australia Post, however the sender display name is ‘Customer’, and the actual sending email address is ‘support(at)karadagarabakiralama(dot)com’.
An example of the email is shown below:
The email implies that there is a small fee outstanding of ‘AUD 3.00’, which must be paid in order for the package to be delivered. Clicking the prominent, ‘Send my package’ button, leads victims to a frauduluent ‘AusPost’ site comprising a series of phishing pages designed to harvest user credentials.
The first page, as shown below, requests that you confirm your full name, address, phone number and email address.
The next page prompts the user to submit their credit card details, including the card number, expiry date and security code (CVV). Notice that the ‘Redelivery fee’ amount has now changed slightly, from ‘AUD 3.00’ to ‘4.00 AUD’, one of several errors in the content and composition of the emails and webpages that should alert respondents that the email is in fact a scam.
The final step in the scammers process is a ‘Verified by Visa’ prompt to enter a ‘One-time Passcode’ to verify the payment and confirm shipping. What is really happening here, is that the cybercriminals are processing their own payment using the credit card details and mobile number supplied.
Sadly, scams like this one are not uncommon. They leverage your trust in familiar brands and institutions like Australia Post, and with the ubiquity of delivery services, the breadth of victims impacted is likely to be extensive. Scams impersonating Australia Post are not uncommon, such as this one from April this year.
MailGuard advises all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its financial well-being.
MailGuard urges users not to click links or open attachments within emails that:
- Are not addressed to you by name.
- Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.
- Are from businesses that you were not expecting to hear from, and/or
- Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.
Many businesses turn to MailGuard after an incident or a near miss, often as a result of an email similar to the one shown above. If unwanted emails are a problem for your business, don’t wait until it’s too late.
Reach out to our team for a confidential discussion by emailing expert@mailguard.com.au or calling 1300 30 44 30.
One email is all that it takes
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.
