A highly authentic looking Australia Post scam has been making the rounds as of June 2022 and causing a lot of confusion. The scam involves a series of SMS messages or emails claiming to be from Australia Post and often asks the recipient to confirm a package delivery or to provide sensitive personal information for a missed delivery. We're going to dive into this scam, what to keep an eye out for, and what to do.


Email

Not only do the fake emails seem authentic with realistic logos and colour schemes reminiscent of the real Australia Post aesthetic, but it will also have the sender name 'AUSPOST'.

The key giveaways that these emails are fake is the email address, which are on the domains 't2.moe.edu.eg' or 'uteco.edu.do' and are registered in Egypt and the Dominican Republic respectively, and a series of grammatical errors throughout.

There's also a 'Track' button (or something similar) that will direct you to an external website that looks very similar to the 'Track an Item' page that Australia Post uses. The key giveaways here that the site is fake is the URL, which is 'aus-posttrack.store' and is not legit, and a series of grammatical errors on the page. At this stage the page doesn't contain any dangerous or phishing content and is designed to feign legitimacy in order to lure people into clicking the 'Schedule a new delivery' button. It is here where the attack happens.

The 'Schedule new delivery' button will direct people to a the phishing page where they're asked to enter some personal information that includes a credit card number and phone number. DO NOT ENTER YOUR PERSONAL INFORMATION.


SMS message

The fake SMS messages are less sophisticated than the emails and can be identified as something sent by scammers due to issues like:

  • Grammatical errors throughout the text

  • Being sent from a random number rather than 'AusPost'

  • Containing a fake link such as 'digitaltalentspro.com/au'

  • Asking for a shipping fee.

The link in these fake AusPost texts will direct you to a phishing website that will ask for personal information, such as a credit card number and phone number. Like with the fake emails, DO NOT ENTER YOUR PERSONAL INFORMATION.


What to do

Australia Post will never email or call people asking for personal or financial information, nor will they call or email people randomly to request payment. They are urging individuals to be cautious of suspicious links via text messages and emails, and to report any emails appearing suspicious to scams@auspost.com.au before deleting the content immediately.

Related reading:


If you have any questions or need extra support, we're here to help you anytime in any language. Simply start a chat with us via the home screen of the Sonder app to connect to our team of qualified, caring health professionals.

Information sourced from Australia Post, Australia Post via Twitter, and Mailguard.

Image credit: Rob Johnson at Flickr

All content is created and published for informational purposes only. It is not intended to be a substitute for professional advice. Always seek the guidance of a qualified health professional.

Did this answer your question?