Fake Australia Post “Tracking Update” Emails Link to Malware

Outline:
“Tracking update” emails purporting to be from Australia Post claim that your delivery is on its way. The emails claim that the supposed deliveries are from various well-known stores such as The Good Guys and Officeworks.  The messages invite you to click a button to track your delivery.




Brief Analysis:
The emails are not from Australia Post and they have no connection to the stores they name.They are a criminal ruse design to trick you into downloading and installing malware.

Example:
Subject: Your delivery ZV9366152 from The Good Guys is on its way
Australia Post Tracking Update Malware Email
Example:
Subject: Your delivery BJ7211258 from Officeworks is on its wayAustralia Post Tracking Update Malware Email





Detailed Analysis:
According to these ‘tracking update” emails, which purport to be from Australia Post, your delivery is on its way and  you can click a button to track its progress.  The emails claim that the goods being delivered are from various well-known Australian businesses, including Officeworks and The Good Guys. The emails include Australia Post logos along with generic delivery information.

However, the emails are not from Australia Post and they are not in any way associated with the businesses they list as the sources of the supposed deliveries. In fact, the fraudulent emails are designed to trick you into installing malware on your computer.

If you click the “Track your delivery” button, you will be taken to a website that claims you must now download a file to see the delivery details. But, alas, if you do download and open the file, malware can be installed on your computer.

The exact nature of this malware may vary. It may be ransomware that locks up your computer’s files and then demands that you pay a fee to online criminals to retrieve a decryption key for your locked files. Or it may be malware that is designed to steal sensitive information such as banking passwords.

The criminals hope that at least a few people, knowing that they are not expecting any deliveries from the named companies, may click the link in the hope of getting more information. And, of course, a few people who actually are expecting a delivery may click without due caution.

If you receive one of these emails do not click any links or open any attachments that it contains.

A page on the Australia Post website contains information about various AustraliaPost related scams and malware attacks.




Last updated: October 27, 2016
First published: October 27, 2016
By Brett M. Christensen
About Hoax-Slayer

References
List of Malware Warning Reports/a>
Australia Post ‘Your Package Has Experienced An Exception’ Malware Email
List of Malware Warning Reports
Australia Post Scam Alerts