Australia Post is warning customers to steer clear of a phishing website which is designed to look like its homepage.
The parcel and mail service firm tweeted the following message today.
“Beware the new phishing website pretending to be us. When tracking parcels, we never ask you to log in or download anything," read the tweet.
However, an Australia Post spokesperson told Computerworld Australia that the phishing site ,which originated in Russia, has been taken down.
"Raising public awareness of scams is one of the best ways to protect the community and Australia Post works closely with the Australian Communications and Media Auhtority [ACMA] to alert our customers to scams as well as providing information on our website, on social media, and to subscribers of the Australian Government’s Stay Smart Online alert service," the spokesperson said.
A phishing attack involves the use of a website set up by cyber criminals to look like the site of a well-known organisation, such as an Australian government agency. Phishing is designed to steal personal information from unsuspecting users.
According to Australia Post's security alerts page, phishing websites often look almost identical to the real site. However, there are ways to tell that the phishing site is a fake.
For example, the Web domain and URL will be different, there is no secure HTTPS padlock in the address bar and the site may contain spelling and grammar errors.
The tweet comes just days after Australia Post warned customers not to open a scam email that claims a courier could not deliver a parcel to their address.
The scam email uses the following addresses: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org or email@example.com
According to Australia Post, the email asks the customer to view/print information about their parcel and to go to their local post office to collect it.
“Australia Post does not request customers to send payment for parcel collection nor do we charge customers for holding a parcel,” said a spokesperson. “If you receive this email, please delete it.”
Computerworld Australia has contacted Australia Post for more information about the phishing website.
Follow Hamish Barwick on Twitter: @HamishBarwick
- Australia Post links up with myGov for digital mail delivery
- Phishing attacks cause US$453m in global losses: RSA