Scammers are masquerading as Australia Post to scam unsuspecting victims out of their personal and financial information. The scam involves a series of SMS messages or emails claiming to be from Australia Post and often asks the recipient to confirm a package delivery or to provide sensitive personal information for a missed delivery. We're going to dive into this scam, what to keep an eye out for, and what to do.


Email

Not only do the fake emails seem authentic with realistic logos and colour schemes reminiscent of the real Australia Post aesthetic, but it will also have the sender name 'AUSPOST'.

The key giveaways that these emails are fake are the email addresses, which are on the domains 't2.moe.edu.eg' or 'uteco.edu.do' and are registered in Egypt and the Dominican Republic respectively, and a series of grammatical errors throughout.

There's also a 'Track' button (or something similar) that will direct you to an external website that looks very similar to the 'Track an Item' page that Australia Post uses. The key giveaways here that the site is fake is the URL, which is 'aus-posttrack.store' and is not legit, and a series of grammatical errors on the page. At this stage, the page doesn't contain any dangerous or phishing content and is designed to feign legitimacy in order to lure people into clicking the 'Schedule a new delivery' button. It is here where the attack happens.

The 'Schedule new delivery' button will direct people to a phishing page where they're asked to enter some personal information that includes a credit card number and phone number. DO NOT ENTER YOUR PERSONAL INFORMATION.


SMS message

The fake SMS messages are less sophisticated than the emails and can be identified as something sent by scammers due to issues like:

  • Grammatical errors throughout the text

  • Being sent from a random number rather than 'AusPost'

  • Containing a fake link such as 'digitaltalentspro.com/au'

  • Asking for a shipping fee.

The link in these fake AusPost texts will direct you to a phishing website that will ask for personal information, such as a credit card number and phone number. Like with the fake emails, DO NOT ENTER YOUR PERSONAL INFORMATION.


What to do to stay safe

If you do get one of these scam SMS messages or emails, make sure you do the following so you can stay safe:

  • Report then delete any suspicious messages claiming to be from Australia Post.

  • Never reply with personal information over text, email or phone calls unless you are able to verify the caller or sender.

If you've shared personal or financial details in response to the SMS or email, you need to:

  • Contact your bank immediately to let them know what happened and ask what they can do to help.

  • Change the passwords for any online accounts that might be at risk. Make sure to enable two-factor authentication for an extra layer of security.

  • If you've shared personally sensitive information, such as your driver's licence, passport details, or contact details, visit IDCare for assistance on how to address potential identity theft.

  • File a report with the Australian Cyber Security Centre here.

Australia Post will never email or call people asking for personal or financial information, nor will they call or email people randomly to request payment. They are urging individuals to be cautious of suspicious links via text messages and emails and to report any emails appearing suspicious to scams@auspost.com.au before deleting the content immediately.


If you have any questions or need extra support, we're here to help you anytime in any language. Simply start a chat with us via the home screen of the Sonder app to connect to our team of qualified, caring health professionals.

Information sourced from Australia Post, Australia Post via Twitter, and Mailguard.

Image credit: Rob Johnson at Flickr

All content is created and published for informational purposes only. It is not intended to be a substitute for professional advice. Always seek the guidance of a qualified health professional.

Did this answer your question?