The Australian Federal Police is warning people shopping online over Christmas to be wary of fake delivery scams that could cost thousands of dollars to victims.
AFP Commander Cybercrime Operations Chris Goldsmid said December was often the busiest time of year for most people and cybercriminals would attempt to exploit victims who might be stressed and less attentive to details.
“Cyber criminals often impersonate trusted brands, such as legitimate parcel delivery services, to send messages designed to trick consumers into clicking on URLs containing harmful malware or providing personal information,” Commander Goldsmid said.
“This may include a technique called ‘spoofing’ in which cyber criminals make their messages look legitimate by using real company logos and fake sender details.”
The messages will often ask you to click a link to track your package, confirm your delivery address, re-direct your package or collect your package.
Once a consumer clicks on a link, they may be taken to a fake company website where they are asked to enter personal or financial details to complete their delivery.
As well as providing criminals with your sensitive information, clicking the link may lead to the installation of harmful malware on your device.
Easy red flags to look out for include requests for your personal or financial information to confirm your order, an unexplained sense of urgency in the request, grammatical errors, and suspicious URLs.
Commander Goldsmid said taking a few minutes to confirm the legitimacy of a message could save you thousands of dollars.
“If you’ve received one of these messages, do not click the link as doing so can lead to the installation of malware on your device, which can access your personal data and infect your device,” he said.
“Most delivery services will never text or email their customers to request personal or financial information.
“If something doesn’t feel right, take the time to verify the request with the organisation using contact information listed on their website.
“If you receive one of these scam texts or emails do not click on any links, report it to Scamwatch, block the sender and delete the message immediately.”
People who detect a scam, regardless of whether they have lost money, can report scams and learn more about how to get help on the Scamwatch website at scamwatch.gov.au.
Those who believe they have fallen victim to cybercrime should immediately report to their bank and also to police using ReportCyber at report.cyber.gov.au.
For more practical cyber safety tips, visit www.cyber.gov.au.