Online sales are surging, and so are delivery scams
Scammers are constantly finding ways to exploit the current trend. People are out in force buying online, and as those packages go out for delivery, people expect to receive messages from shopping websites like Amazon and delivery companies including Australia Post. This makes it the perfect time for scammers to prey on consumers who are not paying close attention.
We think that 900,000 households in Australia shopped online for the first time in their lives between March and August in 2020. That’s a lot of people who aren’t too sure what to expect when their packages are getting delivered. Scammers are taking advantage of our trusting nature. Losses to online shopping scams have increased 42 percent last year. The government agency tracking scams, Scamwatch, has received over 12,000 reports of online shopping scams in 2020, with almost $7 million in reported losses.
Why we fall for scams
Scammers are successful because they pretend that they are contacting you from the companies you trust. So it’s perfectly normal for people to be waiting to receive emails and SMS from Amazon or Australia Post about packages they have coming.
If you’re expecting a package, and you receive a scam message, you’re very likely to click on the message, not knowing that it takes you to a bogus site.
It’s so easy for scammers to send out thousands or even millions of these messages, so that even if they get only a small percentage of people responding, it still makes a lot of money for them.
How delivery scams work
Scammers are sending out fake shipping notifications to collect money off you by taking advantage of the surge in online shopping.
A ‘phishing’ message is an email containing a fake link to track or reroute your package. A ‘smishing’ message is one of these fake messages sent by SMS.
Clicking on one of these links will launch malware or take you to a site that looks just like the website of a big delivery company.
Malware stands for malicious software. Scammers taking this tactic are hoping to launch malware on your device with the aim of hacking into your computer or collecting personal information. Once your device is infected with malware, you may be unaware that scammers have accessed your private information or are tracking your activities on that device which allows them to uncover your username and password. Scammers may also contact you with threats related to information on your device that they have uncovered or injected themselves.
Delivery scams which take you to a fraudulent website are designed to trick you into entering personal or financial details. Fraudsters send you an email or text message purporting to be from a reputable company to try to get you to disclose your private information, like your password or credit card number.
Scammers can sell your details for a profit or they can try your username and password on other websites, as it’s likely you’ve used the same username and password for lots of websites.
What a delivery scam looks like
Australia Post has warnings out about delivery scams, including a fraudulent text message that reads:
"We have attempted to deliver ur package AU26466A1, but there is an unpaid customs charge. Follow the instructions here:”
This scam is claiming that the recipient has additional delivery costs to pay.
Australia Post said on Facebook:
"Please do not click on any links or provide any bank details - this is a scam."
As scammers get better at impersonating real brands it is getting harder to spot a scam. Below are the warning signs you should look out for.
How to spot a scam
These are some of the warning signs you’ve received a scam.
-
- Messages typically contain grammar errors, misspellings or incorrect logos.
- Be on the lookout for unencrypted landing sites. How to do this is to look for the address to start with https or the lock icon in the corner.
- Be wary of messages urging you to act quickly.
Receiving a mysterious package is probably a scam too
If you’ve received a mysterious parcel that you didn't order and that wasn't a gift, it’s likely to be an online e-commerce scam called ‘brushing’.
‘Brushing’ is when you receive a mysterious package containing an inexpensive item from an online marketplace, such as Amazon.
Receiving a surprise package containing a freebie sounds like a good thing, however, it may be linked to your personal data being compromised and used to scam other people.
In order for you to have received this unrequested package, means someone has obtained your personal information and has probably used your details to make a purchase.
A seller generates a fake order using your details. The purpose of these unauthorised transactions is to boost the credibility of the seller. Other people see that the seller has a high level of positive reviews and have increased confidence to buy from that seller, not realising that that positive reviews are indeed fake.
Many e-commerce websites are trying to fight ‘brushing’ scams as they are being used to inappropriately boost the ratings of sellers on their platforms.
How to protect yourself from online scams
These are simple ways to protect yourself from online scammers.
-
- Make sure your devices are up-to-date with security updates
- Backup your information
- Change passwords often
- Use two-factor authentication
- Use a variety of email addresses and passwords for different online activities
Spot a scam, take these steps
If you do come across a message you believe is a scam, do these three things:
-
- Contact the company directly (not via the message you received) to confirm if you indeed have a package coming.
- If it’s a suspicious message, let the company know you believe you received a scam message to be from them.
- Report suspected scams to the government here.
And just remember, if your purchase goes awol, we’re here to help you resolve the issue, dodgy product or otherwise.
You can tell us what’s gone wrong and what it’ll take for you to become a satisfied customer. Just say the magic words ' Help Me Handle It'.
