Australia Post scam emails contains ransomware that will encrypt your files – user beware!
The Australian Government has issued a warning about the current round of phishing emails purporting to be sent by Australia Post. The scam emails contain a ransomware payload that encrypts your data and invites you to pay a ransom to unencrypt it.
Phishing emails pretending to be from Australia Post as well as other well-known organisations have been targeting Australians with crypto-malware (also known as ransomware).
Australia Post has published a warning about the emails, which claim to advise that a ‘courier was unable to deliver a parcel’. Australia Post’s warning also includes a list of possible sender email addresses used for the scam.
The Australian Broadcasting Corporation (ABC) today reported its ABC News 24 services were affected as a result of an ‘IT issue’ related to the Australia Post phishing campaign.
Australia Post stresses it does not send messages of this kind. Similar phishing emails may also appear to originate from other courier companies such as FedEx and UPS. If you receive a message you suspect of being a phishing or a scam email, you should delete it.
The Australia Post website has also published the following:
Australia Post continues to warn customers about emails which advise that a “courier” was unable to deliver a parcel to their address. The email sender has a prefix of info@ and a suffix of any of the following (eg. firstname.lastname@example.org or email@example.com):
auspost-home.com (or biz, org, info, net)
auspost-trackit.com (or biz, org, info, net)
australia-post.net (or biz, org, info)
eparcel-tracking.com (or biz, org, info, net)
au-stpost.net (or biz, org, info)
aust-pst.com (or net, org)
auspost-eparcel.com (or biz, org, info, net)
austpst.org (or info, net)
auspost-tracking24.com (or biz, org, info, net)
auspost-tracking.com (or biz, org, info, net)
austpost-eparcel.com (or biz, org, info, net)
auspost-parcel.com (or biz, org, info, net)
auspost-delivery.com, auspost-delivery.net, auspost-delivery.org
aust-post.com (or biz, org, info, net)
aus-post.com (or biz, org, info)
au-post.com (or biz, org, info, net)
aut-post.info (or biz, su)
postaust.com (or biz, org, info, net)
The email then requests the customer to view and print information about their package and to go to their local post office to collect the package.
These emails are similar to a scam we warned customers about in November 2013, February and July 2014, which required the customer to remit a payment first in order to be able to print the article label.
The emails have not originated from Australia Post and appear to be targeting customers.
Australia Post does not request customers to remit a payment for parcel collection nor does it charge customers for holding a parcel.
If you receive this email, please delete it.
If you have fallen victim to the scam, please call the Australian Competition and Consumer Commission (ACCC) on 1300 795 995 to report the matter to SCAMwatch.
Note: The aim of these scam emails is to collect personal / financial information or to install a malicious virus such as ‘ransomware’ which can ‘take over’ your PC. Recovery of infected systems is virtually impossible without clean backups. Prevention is the best approach to any malware. It’s vital that you know the warning signs of a phishing scam. If you suspect your computer or network is infected by ransomware, you should seek technical advice immediately.
There are very few protections against this type of ransomware attack, even if you have decent antivirus installed there is no guarantee that your systems will be safe from attack.
Prevention is the best cure – be very vigilant when you see such emails and if in doubt, don’t open them!