The Australian Competition and Consumer Commission is warning online shoppers to watch out for fake parcel delivery scams arriving in email inboxes this Christmas.
The ACCC’s Scamwatch has received over 4,300 complaints about this scam in 2016, more than triple the number received in 2015.
The ACCC says 350 people reported providing their personal information to scammers, including bank account details.
“Unfortunately this scam is particularly effective during the holiday season with so many Australians going online to buy Christmas presents. There is nothing festive about this scam - scammers will use it to steal your personal information and lighten your wallet,” ACCC Deputy Chair Delia Rickard said.
“Scammers typically send emails pretending to be from Australia Post or FedEx, to try and trick you into believing you have an ‘undeliverable package’. In some cases, these emails may include your name and address and include legitimate-looking company information, complete with fake logos.”
“The email may threaten to charge you a fee for holding your ‘undelivered item’, and will ask you to open an attachment, click a link or download a file to retrieve your parcel. If you follow these instructions, you will likely download a ransomware virus that locks your computer.”
“To unlock your computer, scammers demand payment in the form of bitcoins (a form of online currency) or wire transfer. Even if you pay the fee, there is no guarantee that you will be able to access your computer again.
“Australia Post will never call you out of the blue to request payment or send you an email asking you to click on an attachment. If you receive an email about an undeliverable package, don’t open any attachments or download files – delete it straight away,” Ms Rickard said.
- Australia Post will put a notice in your letter box if a package was undeliverable. Delete any email claiming to be from Australia Post about an undelivered package.
- Do not click on links or download files in emails you receive out of the blue - especially if they are executable (.exe) files or zip (.zip) files. These files are likely to contain malware or ransomware viruses.
- If you are suspicious about a ‘missed’ parcel delivery email, call the company directly to verify that the correspondence is genuine. Independently source the contact details through an internet search or phone book – do not rely on numbers provided in the suspicious email.
- Regularly back up your computer’s data on a separate hard drive. If your computer is infected by malware or ransomware you can restore the factory settings and easily re-install all of your software and data.
- Buy yourself (or your business) a standalone hard drive for Christmas. These have become relatively inexpensive and can save you a lot if your computer is infected by malware or ransomware.
Consumer can report scams to the ACCC via the Scamwatch report a scam page.
You can find more information on post scams on the Australia Post website.
Stay one step ahead of scammers, follow @Scamwatch_gov on Twitter.