Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 119 - October 2011 - Page 6

Australia Post Undelivered Package Malware Emails

Issue 119 Start Menu

Previous Article            Next Article

Outline
Emails purporting to be from Australia Post claim that the delivery of a package to the recipient has failed because of an addressing error. The messages instruct recipient to open an attached file to read more information about the package.



Brief Analysis
The messages are not from Australia Post and the attachments do not contain package information. In fact, the attachments contain malware that, once installed, can allow criminals to access the infected computer.

Bookmark and Share
Detailed analysis and references below example.



Scroll down to submit comments
Last updated: 19th September 2011
First published: 19th September 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Examples
Subject: AusPost Delivery information

Dear customer.

Your package has been returned to the Australia Post office.
Reason: Error in delivery address.
Information about your package is attached to the letter.
Read all information carefully and come to the "Australia Post" office to receive your package.

Thank you.
Australia Post Service.


Subject: Track your shipment No9067

Dear customer.

A courier did not deliver the package to your address.
Reason: The delivery address is wrong
Please find the attached document containing detailed information about delivery failure.
Read all information carefully and come to the "Australia Post" office to receive your package.

Thank you.
Australia Post Service.




Detailed Analysis
A series of malicious emails that falsely claim to be from Australia Post is currently being spammed out by Internet criminals. The scam messages claim that the delivery of a package to the recipient has failed due to an error in the packaging address. The recipient is instructed to open an attached file to find out more information about the supposed delivery failure.

The emails do not originate with Australia Post and the attachments do not contain package delivery information. Instead, the .zip attachments contain an executable (.exe) file that, if opened, will install malware on the recipient's computer. This malware may allow criminals to access the infected computer by initiating connections to malicious websites. The malware may also download and install further malicious software.

Australia Post does not send generic, unsolicited emails about package deliveries that expect users to open an attached file to access information. If you receive one of these messages, do not open any attachments that they may contain. Do not follow any links in the messages. Note that subject lines and various other details in the fraudulent emails may vary.

In fact, Australia Post is just the latest in a long line of delivery and postal companies that have been targeted in very similar malware campaigns, including FedEx, DHL, UPS and Post Express. All versions claim to contain information about a pending or failed package delivery in an attached file. In all versions, the attachment contains malware.

Bookmark and Share References
FedEx Incorrect Delivery Address Malware Email
DHL Notification Malware Email
Not Able to Deliver UPS Package Malware Email
Post Express 'Incorrect Delivery Address' Malware Emails



Previous Article            Next Article

Issue 119 Start Menu

Pages in this month's issue:
  1. Jordon Mills Prayer Request
  2. Amy Bruce Charity Hoax Revisited
  3. 'Australian Taxation Office 'New Rules' Malware Emails
  4. Bogus Facebook Virus Warning - 'Pornographic Movies Posted On Our Behalf'
  5. Are UK Companies Required by Law To Transfer 0800 Callers to UK Based Reps If Requested?
  6. Australia Post Undelivered Package Malware Emails
  7. Hoax: Picture of Shark Swimming in Flooded Street After Hurricane Irene
  8. Circulating Health Warning: Beware of Little White and Black Caterpillars
  9. Harly A. Andrews Prayer Request
  10. UEFA EURO 2012 Email Draw Advance Fee Scam
  11. Farmville White Gift Box Virus Warning Hoax
  12. Sleazy Online Dating Emails Carry Malware
  13. 'New Antivirus Update for Windows' Scam Email
  14. Western Union 'Money Transfer' Trojan Email
  15. Bob Katter and the 'Labor Party's Worst Nightmare' Polemic
  16. Hoax - Collect Bottle Caps For Free Cancer Chemotherapy Treatment
  17. 'Your Credit Card is Blocked' Malware Emails