Have you been shopping online or are you expecting a Christmas delivery?
Don’t be fooled by emails from scammers posing as postal or courier service providers.
Scammers are looking to cash-in on the Christmas mail rush by phishing for a fee to re-deliver a parcel that doesn’t exist. In other cases, they are either out to steal your personal details or hold your computer to ransom.
These types of scams are common in the festive season and are on the rise. This year, more than $100,000 has been lost to parcel delivery scams with over 400 complaints to the Australian Competition and Consumer Commission.
How the scam works
You receive an email which looks like the real deal complete with logos. The email may appear to be from a legitimate company or business department such as the ‘FedEx Delivery Department’.
The scammer will claim that they have been unsuccessful in delivering a parcel because it was too large or no one was home at the time of delivery. However, for a small cost, re-delivery can be quickly arranged.
The scammer will ask for you to pay the re-delivery fee by handing over your bank account details, or by sending money via international wire transfer. If you transfer money, you’ll never see it again.
In other cases, you will be asked to click on a link or open an attachment to verify your personal details to assist with the re-delivery. If you do, your computer could be infected with malicious software and your identity compromised.
In another variation, you may be directed to a website (possibly claiming to be Australia Post) and asked to download an executable file (.exe). This will install ‘ransomware’ on your computer.
Ransomware is a type of malware that restricts access to the computer that it infects, and demands a ransom be paid for the restriction to be removed.
Even if you pay the ransom, there is no guarantee your computer will be unlocked and you’re likely to be up for expensive repairs and lose your data.
How to protect yourself
If you are in any doubt about the authenticity of an email, don’t handover any details or click on the links or attachments.
Contact the postal provider or the delivery service directly using their official customer service number to verify if it is genuine.
It also pays to regularly back-up your computer’s data on a separate hard-drive in case your computer is infected by malware or ransomware.
If you think you have provided your banking or credit card details to a scammer contact your bank or financial institution immediately.
You can report scams to the ACCC via the report a scam page at www.scamwatch.gov.au