Watch out for fake parcel delivery scams arriving in your inbox this Christmas, the Australian Competition and Consumer Commission (ACCC) warns. It has received 1360 complaints about these scams this year, with AUD 80,000 reported lost to the scammers, who use malware to demand ransoms.
“We’ve received over 100 reports of this scam already this December – more than last December, with only half the month gone,” an ACCC spokesperson said.
“Scammers take advantage of the busy Christmas season to send you emails about a ‘missed parcel delivery’, purportedly from trusted services such as Australia Post or FedEx.” ACCC deputy chair Delia Rickard warned.
“The emails may be personalised with your name and address and look to be from a legitimate company complete with fraudulent logos. The email may mention a fee will be charged while they hold your undelivered item. Scammers ask you to open an attachment or download a file to retrieve your parcel. If you follow these instructions, an executable file (.exe) will load on to your computer and install ransomware as soon as it is opened.”
“Ransomware is a type of malware that freezes your computer and demands a ransom for you to be able to access your computer again. Scammers commonly ask for bitcoins or ask you to transfer money by wire transfer. Even if you pay the fee, there is no guarantee that your computer will be unlocked,” Rickard said.
“If you receive an email about a package, don’t open any attachments or download files. Regularly back-up your computer’s data on a separate hard drive. Follow these steps to protect yourself this Christmas.”
Some useful tips:
- Australia Post will put a notice in your letter box if a package was undeliverable. Delete any email claiming to be from Australia Post about an undelivered package.
- Do not click on links or download files in emails you receive out of the blue – especially if they are executable (.exe) files or zip files. These files are likely to contain malware.
- If you are suspicious about a ‘missed’ parcel delivery, call the company directly to verify that the correspondence is genuine. Independently source the contact details through an internet search or phone book – do not rely on numbers provided.
- Buy yourself (or your business) a stand-alone hard drive for Christmas. These have become relatively inexpensive and can save you a lot if your computer is infected by malware or ransomware.
- Regularly back-up your computer’s data on a separate hard drive. If your computer is infected by malware or ransomware you can restore the factory settings and easily re-install all of your software and data.
You can report scams to the ACCC via Scamwatch (link is external) or by calling 1300 795 995. If the scammer has posed as a legitimate company, you should also report the incident to them.
Edited by Peter Needham