AusPost phishing scam hits inboxes

MailGuard on Tuesday identified several new scam emails purporting to come from Australia Post.

In a post on LinkedIn, MailGuard CEO Craig McDonald said one of the emails that is being sent by cybercriminals suggest that a parcel could not be delivered to the email recipient. It urges the user to click a link to ‘Get Shipping Label’ before bringing it to Australia Post outlets, McDonald said.

Clicking on the link takes the user to a fake AusPost landing page, McDonald said.

“The URL is not even remotely close to that of the legitimate AusPost URL, which is http://auspost.com.au,” he said.

The recipient is asked to click on “download information” to retrieve the shipping label but upon doing so, the recipient is actually downloading an executable dropper/malware which can potentially download a form of crypto ransomware, McDonald said in his post.

“Downloading ransomware will lock all files by encrypting them on the local device or network, with a ransom demanded to be paid before files can be decrypted,” McDonald said.

McDonald said the cybercriminals behind this scam are sending the email from different email addresses. Also each email contains a different URL, which makes it harder for anti-virus vendors to identify and block,” he said.

Cybercriminals also used the Australia Post brand in early February this year in an email scam offering people a job working from home for the organisation.

Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Follow Byron Connolly on Twitter:@ByronConnolly