Menu
Menu
​AusPost phishing scam hits inboxes

​AusPost phishing scam hits inboxes

Each email contains a different URL, making it harder for anti-virus vendors to identify and block, said MailGuard CEO Craig McDonald

A screenshot of one of the emails that is being sent by cybercriminals

A screenshot of one of the emails that is being sent by cybercriminals

MailGuard on Tuesday identified several new scam emails purporting to come from Australia Post.

In a post on LinkedIn, MailGuard CEO Craig McDonald said one of the emails that is being sent by cybercriminals suggest that a parcel could not be delivered to the email recipient. It urges the user to click a link to ‘Get Shipping Label’ before bringing it to Australia Post outlets, McDonald said.

Clicking on the link takes the user to a fake AusPost landing page, McDonald said.

“The URL is not even remotely close to that of the legitimate AusPost URL, which is http://auspost.com.au,” he said.

The recipient is asked to click on “download information” to retrieve the shipping label but upon doing so, the recipient is actually downloading an executable dropper/malware which can potentially download a form of crypto ransomware, McDonald said in his post.

“Downloading ransomware will lock all files by encrypting them on the local device or network, with a ransom demanded to be paid before files can be decrypted,” McDonald said.

McDonald said the cybercriminals behind this scam are sending the email from different email addresses. Also each email contains a different URL, which makes it harder for anti-virus vendors to identify and block,” he said.

Cybercriminals also used the Australia Post brand in early February this year in an email scam offering people a job working from home for the organisation.

Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Follow Byron Connolly on Twitter:@ByronConnolly

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the CIO newsletter!

Error: Please check your email address.

Tags australia postemail scamCraig McDonaldcybercriminalsAusPost

More about Australia PostFacebookTwitter

Show Comments

Market Place

Computerworld
ARN
Techworld
CMO