A new phishing scam is making the rounds via text message posing as an Auspost notification alerting recipients that their “freight is delayed” due to an unspecified address. The text prompts victims to click a link to verify their address and ensure prompt delivery. However, it is a scam tactic aimed at stealing personal information. This article will break down how the Auspost “freight delayed” text scam operates, provide examples, and offer advice on how to avoid falling victim. Keep reading to ensure you don’t get tricked by this sneaky phishing attack exploiting Auspost’s brand familiarity.
This Article Contains:
Overview of the Auspost “Freight Delayed” Text Scam
The Auspost freight delayed text scam works like this: recipients receive an unsolicited text message stating there is an issue delivering their freight due to an unspecified address. The message claims that verifying your full address will ensure smooth delivery of the delayed freight.
A link is provided within the text that supposedly leads to the official Auspost website to confirm your shipping details. However, clicking the link actually directs victims to a fake Auspost-branded phishing site controlled by scammers.
If victims input their personal information on the fraudulent site, the scammers can steal it for identity theft and financial fraud purposes. The scam leverages Auspost’s reputation and brand recognition to fool recipients.
Scammers Leverage Auspost’s Brand Recognition
Auspost is Australia’s highly familiar postal service provider. Scammers capitalize on public trust in the Auspost name and services to trick recipients into believing the text notifications are legitimate. Mentioning freight and delivery issues makes the scam more believable.
Fake Auspost Sites Mirror Legitimate Site
Critical to the scam is the convincing but counterfeit Auspost website victims are directed to when they click the link. The fake site looks nearly identical to the real auspost.com.au, deceiving victims into entering their details.
Creates Urgency to Resolve Supposed Issue
By claiming the freight is delayed and that recipients must act quickly to avoid greater disruption, scammers create urgency. This pressures victims to click the link and submit their information without proper scrutiny.
Aims to Steal Personally Identifiable Information
The scammers’ end goal is to collect as much of victims’ personally identifiable information as possible by baiting them to a fake website. Full name, home address, phone number, passwords, and even financial details are sought after.
Examples of The Auspost “Freight Delayed” Text Scam
Before examining how this scam unfolds step-by-step, let’s first review some examples of the phishing text message recipients would receive:
“Freight Delay: Address Not Fully Specified. Ensure smooth delivery by updating your address at: http://auspo-customerportal.com”
“AusPost Alert: We are unable to deliver your freight due to an address mismatch. Please verify your address immediately to avoid shipment delays: http://auspost-verify.com”
“URGENT – AusPost: Freight addressed to you is delayed as street name is incomplete. Please go here to check and update your delivery address: http://portal.auspost.com.au-settings”
These examples exhibit the typical scam traits like citing freight issues and conveying urgency. Notice how the fake URLs imitate legitimate auspost sites as well. Now let’s explore the detailed stages of this scam.
How the Auspost “Freight Delayed” Text Scam Works
Now that we’ve reviewed examples of the phishing text message, let’s do a deep dive into how scammers carry out this scam step-by-step to compromise victims:
Step 1: Recipients Receive Unsolicited Text About Freight Delivery
The first phase involves the target receiving a text message containing Auspost branding and mentioning freight delivery. This will come out of the blue, as the recipient is not actually expecting any packages or freight shipments.
The message will be sent from a random mobile number that appears like a legitimate Auspost contact at first glance. The text will address the recipient generically, such as “Dear customer” or their email address, rather than by name.
An example text could read:
“AusPost: We have a freight shipment addressed to you scheduled for delivery today. However, your full residential address is needed to complete processing for delivery. Please go here to verify your address is up-to-date: [Malicious Link]”
Even if the recipient is not expecting any delivery, the official branding and specifics about freight can convince recipients the message is real.
Step 2: Text Claims Issues Delivering Freight to Recipient
The scam text will state there is some problem delivering or processing the freight shipment addressed to the recipient. Several sneaky tactics are used to make the supposed “issue” seem legitimate:
- Claiming the address is incomplete, unspecified, or doesn’t match Auspost’s records
- Stating the street name, suburb, or postcode cannot be verified
- Alleging the recipient’s location details on file are outdated
- Asserting the freight has been delayed due to problems verifying the recipient’s address
These types of delivery problems create a mix of confusion and concern that something related to the recipient’s address is interfering with their supposed package delivery. This adds a sense of urgency to resolve the fictional issue.
Step 3: Fake Auspost Tracking Number Added
Some versions of the scam text will contain a fake Auspost tracking number as well, often starting with letters like JJ, EE, or RR. While not valid, the official format provides additional legitimacy to make the “undelivered” freight seem real.
For example:
“AusPost: Your freight JJ5861650690 could not be processed for delivery due to incomplete address details on file. Please go here to update your information: [Malicious Link]”
Now the recipient believes Auspost has a specific freight shipment addressed to them that can’t be delivered until they update their details.
Step 4: Link Included to Verify Address
The scam text will contain a link – usually described as the way to check, update, or verify your address information with Auspost to fix the errors interfering with freight delivery and get your “package” sent promptly.
Some examples are:
- Please click here to check and update your address
- Visit http://auspostportal.com to correct your delivery details
- Go here to revise address before we can dispatch your freight
These links to supposedly “fix” the problems actually send recipients to fake Auspost websites controlled by scammers. But victims won’t realize this until it’s too late.
Step 5: Recipients Click Link to Fraudulent Auspost Site
Eager to receive their freight shipment, and assured by the legitimate-seeming text, most recipients will click the provided link on their mobile device without much inspection. After all, they just want to quickly resolve the address error getting their “freight held up”.
Unfortunately, in doing so, they are redirected away from the real Auspost website to very convincing replica sites crafted by scammers to deceive.
Step 6: Scam Target Enters Info on Phishing Site
On the fraudulent site, the victim sees what looks exactly like the real Auspost website layout. There are no immediate signs it’s fake. Believing the site is legitimate, the target will input their personal details like name, DOB, address, phone number, account credentials, etc. when prompted.
After all, they want to “fix” whatever address issue is preventing Auspost from delivering their freight order. Little do they realize their data is going directly to scammers, not Auspost.
Step 7: Scammers Steal and Abuse Victims’ Information
With all the personal information entered, the scammers have succeeded. They now possess sensitive data like names, dates of birth, physical addresses, phone numbers, passwords, and potentially financial information. This can be used to access the victims’ accounts, commit identity theft, or be sold to other cybercriminals.
Meanwhile, victims are stuck cleaning up the mess after being deceived by the elaborate freight delivery scam.
This breakdown illustrates why seemingly legitimate texts about freight issues can be so deceptive. But learning the common tricks scammers use allows Australians to identify and avoid this phishing technique aiming to steal personal data through urgency and impersonation.
How to Identify the Auspost “Freight Delayed” Text Scam
While phishing scams are constantly evolving, there are key red flags that can help you detect this fraudulent Auspost text:
Question Any Unexpected Freight Notifications
Think twice if you receive a message about delayed freight or packages you did not order or arrange for delivery. Scammers send unsolicited texts hoping you’ll instinctively trust any shipping notification. Verify first if you aren’t expecting a real shipment.
Look For Missing Personalization
Legitimate Auspost texts address customers by name in notifications, not just generic terms like “Dear customer.” Messages that fail to personalize with your name or details suggest an indiscriminate scam attempt targeting the masses.
Analyze the Sender’s Phone Number
Closely inspect the sending number on unexpected communications claiming to be from companies. Search Auspost’s website or Google the phone number to confirm it matches legitimate Auspost mobile contacts. Unverified senders signal it’s an impersonation attempt.
Assess Links Thoroughly Before Clicking
Don’t skim over links in messages. Hover over them on your smartphone to reveal the actual destination URL to ensure they direct to official Auspost sites, not unrelated scam pages. Visit links directly through your browser, not by clicking in the message.
Urges Immediate Action to Avoid Trouble
Scare tactics that stress dire consequences if you don’t act quickly are red flags. Phrases like “act now,” “urgent,” or “avoid delays” pressure hasty responses before proper scam evaluation. Real Auspost alerts won’t threaten consequences.
Requests Personally Identifiable Information
If a freight notification asks you to re-enter sensitive personal information like license numbers, tax IDs, or financial data, it is undoubtedly a scam. Auspost already has your details for legitimate shipments. Exercise extreme caution providing data.
Staying vigilant for these common phishing giveaways makes it possible to identify and halt the Auspost text scam in its tracks. Trust your instincts if a message raises flags and proactively verify its authenticity before clicking links or providing personal information. Stay informed to stay secure.
What to Do if You Receive The Auspost “Freight Delayed” Text
If you believe you entered personal information into a fake website linked from a fraudulent Auspost text message, take these steps to protect yourself:
1. Contact Auspost to Report the Scam
Phone Auspost directly at 13 76 78 and explain you received a suspicious text impersonating them. Provide details of the scam message, links, and any information you submitted to make them aware of the phishing method. Your information can aid Auspost in confirming new scam tactics targeting customers.
2. Change Any Exposed Passwords
If you entered account usernames, passwords or other login credentials on the phishing site, immediately change them. Ensure any reused or shared passwords are changed as well across all your other accounts, prioritizing financial accounts, emails, and e-commerce sites. Enable two-factor authentication also wherever possible.
3. Review Credit Reports and Statements
Carefully check bank statements, credit reports, and other financial records for any signs of unauthorized access or activity. Unfamiliar purchases, balances, or opened accounts could indicate your details are being misused for payment fraud already. Report any suspicious charges or activity.
4. Place Fraud Alerts on Credit Reports
Contact one of the three major credit bureaus – Equifax, Experian or TransUnion – to place fraud alerts on your credit reports. This signals you may be a victim of identity theft and prompts scrutiny of new lines of credit applications to stop scammers.
5. Consider Credit Freezes
For stronger protection, freeze your credit reports entirely rather than just alerts. This restricts all access to your credit file unless you explicitly lift the freeze. While less convenient, it provides the greatest block against scammers abusing stolen information.
6. Monitor Account Activity Closely
Keep vigilant watch on all your financial accounts, insurance policies, government records, and anywhere else personally identifiable or sensitive information is stored. The first few months after a scam are critical for noticing fraudulent misuse of your data.
7. Beware of Any Follow Up Requests
Scammers may also target you for follow up cons, claiming you need to verify details to resend lost packages, refund overpayments, or release your funds. These are just secondary schemes to take more money from scam victims. Never send any additional payments.
8. File Reports to Aid Investigations
File scam reports with organizations like ScamWatch and IDCARE in addition to Auspost. Providing information to authorities on new phishing techniques helps track down scammers and alerts other consumers. The more alerts published about latest scams, the less victims they can claim.
Staying alert and taking preventative action quickly limits the damage from provided personal data and helps halt scammers in their tracks. Don’t let slip-ups turn into identity theft nightmares.
The Bottom Line
The fake Auspost “freight delayed” text scam shows that scammers cast a wide net with phishing by impersonating trusted brands like shipping companies. But understanding common tactics they leverage allows recipients to recognize red flags like unsolicited messages and strange links. Validating the communication directly with Auspost before clicking links or providing info denies scammers the data they seek. Stay vigilant about texts regarding delayed freight and ensure your personal details stay safe. Don’t let scammers dupe you based on Auspost’s reputation.
