Watch out! This new scam targeting Australia Post customers is tricky to spot
Technology is a double-edged sword. On one hand, it is a wonderful tool that provides us with online resources to make our lives easier. On the other, it is host to cybercriminals looking to make quick cash.
And now, there’s a new scam that’s been making the rounds, targeting Australia Post customers.
Cybersecurity expert Mail Guard warned Australia Post customers about a new email scam that’s trying to steal their credit card details and personal information.
They said that the scam impersonates the postal service and sends an email with the subject line: ‘invalid address, we couldn’t find you.’
According to Mail Guard, the email appears to come from Australia Post, with the address using the same domain as the postal service’s official website.
The sender’s name shows ‘Australia Post’ with a very legitimate-looking reply address: ‘ausposts(at)auspost(dot)com(dot)au’.
However, if you look closely, the actual sender address is ‘noprely(at)gmbh(dot)de’, which is under a German domain.
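The mismatch described above, a trusted display name and reply address sitting in front of an unrelated sender domain, can be checked mechanically from the message headers. The following is an added example, not code from Mail Guard or Australia Post; the brand name list, the allowed domain list and the control address `notifications@auspost.com.au` are assumptions, and both messages are constructed samples.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: names the brand uses and the domain(s) it legitimately sends from.
BRAND_NAMES = ("australia post", "auspost")
BRAND_DOMAINS = ("auspost.com.au",)

def domain_of(addr):
    """Return the lower-cased domain part of an address ('' if there is none)."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def in_brand_domain(domain):
    """True for the brand domain itself or a subdomain of it, not a lookalike."""
    return any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS)

def check_headers(raw):
    """Return findings for display-name spoofing and From/Reply-To mismatch."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom, reply_dom = domain_of(from_addr), domain_of(reply_addr)
    findings = []
    if any(b in name.lower() for b in BRAND_NAMES) and not in_brand_domain(from_dom):
        findings.append(f"display name claims brand but sender domain is {from_dom}")
    if reply_addr and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    return findings

# Constructed sample using the addresses reported in the article.
SAMPLE = (
    'From: "Australia Post" <noprely@gmbh.de>\n'
    "Reply-To: ausposts@auspost.com.au\n"
    "Subject: invalid address, we couldn't find you\n"
    "\nPlease pay the correction service fee.\n"
)

# Constructed control message from a hypothetical legitimate address.
CONTROL = (
    'From: "Australia Post" <notifications@auspost.com.au>\n'
    "Subject: Your parcel is on its way\n\nTracking details inside.\n"
)

if __name__ == "__main__":
    for finding in check_headers(SAMPLE):
        print("FLAG:", finding)
```

A header check like this only covers the sender mismatch; the landing-page URL and the payment request still need their own checks.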
The email then tells the customer that they have entered an invalid email address for a shipment and requests a ‘correction service’ fee.
Once the recipient clicks on the link in the email to ‘correct’ their address, they are redirected to a phishing site that uses the Australia Post logo and asks them to confirm their delivery address to ‘ensure express delivery’. The scammer adds time pressure by claiming that letters and parcels confirmed before 5 pm will be delivered the next day.
Then, the user is asked to enter their phone number, email address, full street address, and city.
At the bottom of the page, the user will see an image of the registered post label to help maintain a sense of authenticity.
While the page itself is quite convincing, the URL has no mention of Australia Post and the victim is now on a compromised website.
After adding personal details, the user is redirected to a ‘card verification’ page, where they’re warned that they will be charged a fee before being asked to enter their credit card details, such as:
- Name on their card
- Card number
- Card expiry in the format MM/YY
- CVC
Finally, the victim will be taken to an SMS confirmation page where they will be asked to enter a one-time password that’s sent to their mobile.
This is a common tactic in credit card scams where the con artist will attempt to charge the card to check its validity before storing it for future use.
But some clues will help you spot the scam.
Firstly, Australia Post has said that it will never request payments or personal information over the phone, through text messages, or via email. Users are also advised to delete the email immediately and avoid opening any links.
Secondly, the formatting of the email that Mail Guard intercepted is not as ‘clean’ as one would expect from the postal service, and doesn’t use any branding except for the colour red that people usually see in its logo.
The email will also warn that customers will only have two days to pay the fee and correct their information before the package is returned to its sender, creating a false sense of urgency for the victim. The note will usually read: ‘Note: unconfirmed parcels/registered letters will be returned to the merchant within 48 hours’ at the bottom of the email.
‘The emails generally create a sense of urgency and pressure the recipient to act quickly, which can lead to them providing personal information or clicking on malicious links without carefully considering the email's authenticity,’ Mail Guard explained.
Cybersecurity experts at Mail Guard also stated that parcel delivery scams are a common choice for phishing attacks because they are simple to execute and because a lot of people are waiting on packages.
‘Typically, the scammer poses as a legitimate postage or freight company, such as DHL, FedEx, or Australia Post, and sends an email saying that delivery was attempted but unsuccessful, before asking for a “redelivery fee”,’ the cybersecurity expert added.
Moreover, since the scammer only demands a few dollars for the ‘correction fee’, victims might be more willing to accept the charge because they’re eager to receive their parcel. In the instances above, the fee to be collected is $4.92.
This comes after a scam message made the rounds over the holiday season, where victims received messages from an ‘AusPost’ sender ID. An example of the text may read: ‘15/11/2022 We couldn’t contact you regarding your order.’
The message then asks you to update your information and includes a phishing link similar to this: ‘please update your information: https://aushort.net/’. Clicking the link also leads to a fake Australia Post website that’s designed to steal personal and financial information. More details about this scam can be read here.
Visit Australia Post’s website here for more information regarding scams that impersonate them. Scamwatch also offers resources to protect yourself from cybercriminals; all of the information you need can be read here.
Lastly, if you or someone you know has fallen victim to a scam, alert the authorities immediately and report it here.
Key Takeaways
- Cybersecurity expert Mail Guard has warned Australia Post customers about a new email scam.
- The email appears to come from Australia Post with certain clues that can help users identify it as a scam.
- The email requests a ‘correction service’ fee and users are required to provide their personal details on a ‘card verification’ page in order to make the payment.
- Australia Post advises customers that they will never request payments or personal information and users should delete the email immediately and avoid opening any links.