[gjkrv8]

Hi Guys,

Excuse the long post.

Knowing you guys get little Cobra parcels like me I thought I’d give you a heads up.

Essentially when you get an ePost parcel delivered you can track it via their Auspost website.

All good so far.

There is an option to enable them to send you emails to alert you of the various stages of delivery etc.

Once I enabled this coincidentally within an hour I received an official looking Auspost email from “afp@delivery.com/xxxxx” saying “Nobody was home – click on the label link below to printout your label and take it to the post office and get your parcel etc”

My guard was up as I was getting the parcel delivered to my office and someone is always home there.

When I hovered over the graphic link for the label printout it was some xxxx.kz or xxxx.ru link (Russia or Kazakhstan)

My National IT Security Manager sits right next to me and I got him over to have a look and he said “don’t click on that, you have been the subject of a “targeted spear phishing attack””. (Google it :-) )

He said this is pretty sophisticated as it means someone is tracking people registering for Auspost parcel tracking emails and then sending the bogus email to attack their machines – he said if I had of clicked on the link it would have locked my machine where they ask for ransom money to unlock etc.

There is an alert (auscert) out about the bogus emails – but not about them somehow figuring out you are expecting a parcel (this is the sophisticated bit).

Moral of the story – be very careful of stuff looking like it comes from Auspost – and try and hover over the links and if they are not auspost.com etc then delete immediately.

If unsure delete immediately.


Cheers

Gregg