By Ben Talintyre For Daily Mail Australia
04:47 26 May 2023, updated 07:47 26 May 2023
- Australia Post scam exposed by Aussie bloke
- Customers warned about realistic scam
Australia Post customers are being warned of a sneaky trick where scammers are posing as the delivery company to steal personal information and money.
Australian social media star Tups issued the alert to Australia Post customers after he almost fell victim to the phishing attack.
The scammers impersonate the postal service with a text message to potential victims, that states: ‘AusPost: Delivery attempted on 22/5; track your package at www.auspost-shipment.life to reschedule.
If the recipient clicks on the link, they’re taken to a phishing page, almost an exact replica of the Australia Post tracking site.
The fake Australia Post website then prompts victims to provide their credit details in order to receive their package.
Tups says he would have fallen victim to the scam if he didn’t have the time to call and check with Australia Post.
A few telling clues will help you spot the scam.
Firstly, Australia Post says it will never request payments or personal information over the phone, through text or by email.
Secondly, the formatting of the email is not quite as clean as you would expect from Australia Post and doesn’t use any branding except for the red that you typically see in its logo.
Thirdly, the website URL is different to Australia Post’s official website – which is www.auspost.com.au.
‘It is so easy to fall for,’ Tups csaid.
‘The crazy thing is all the links go to the Australia Post’s official page, Facebook.
‘When I rang (Australia Post) the chick she told me that she had already received several phone calls about it.
‘If I didn’t have the day off to check I would literally have an empty bank account.
‘Stay vigilant guys, they are getting smart. Question everything.’
He showed that the email has all the drop-down menus and tick boxes that mimic the tracking site.
‘Hats off to them, it’s on the money,’ he said.
‘They really nailed this one 10/10’.
Alongside the text message, some Aussies are receiving a similar email from scammers pretending to be Australia Post.
‘The email itself heavily uses Australia Post’s branding, and aside from a few grammatical errors in the text, it is hard to distinguish it from a genuine email,’ cybersecurity software provider MailGuard said.
The email claims the customer’s package is on hold and they need to pay a $3 fee to redirect it to their address.
If the recipient clicks on the pay the fee button, they’re taken to a phishing page.
MailGuard warns that other than some grammatical errors in fine print and the site is very advanced and the errors would often be overlooked.
The user is asked to verify their address and supply personal information which would then be harvested, including the credit card details entered to make the payment.
The victim would then be instructed to enter a one-time code sent to their mobile, a seemingly harmless move but something that would allow cybercriminals to verify the authenticity of the card details which they have stolen.
In 2022, Australia Post delivered 2.7 billion items, making it one of the biggest delivery services in the country.