Dangerous Courier Delivery Ransomware Scam
An extremely dangerous email has been caught by MailShark spam filters. This email installs Ransomware / Cryptolocker onto your machine and, after encrypting all your files, asks you for a ransom to decrypt those files, to regain access. The sender tries to trick receivers by claiming they are Australia Post – Australia’s most popular postal service.
Figure A shows the email that attempts to reach inboxes. It is averagely branded but scares the receiver by claiming there is a package they need to claim. The subject line reads “[Firstname] The courier was unable to deliver item” which automatically entices you to open it to find out more. AusPost is shown as the email sender however, looking closer at the email address used it is in no way associated to the official Australia Post website and is clearly spam.
Another tactic this email uses is giving a time limit on claiming the parcel and threatening to charge additional fees if it is not picked up, for storage costs. All links within this email are malicious and will lead you to one of the most dangerous websites we have seen of late.
Figure B is a safely captured screenshot of the website you will land on if any links within the email are clicked. It is well branded as an Australia Post tracking page and prompts you to enter a captcha code and click through. When comparing with the legitimate Australia Post Parcel Tracking website, shown in Figure C, it’s easy to see how people can be fooled.
DO NOT CLICK ANYWHERE ON THIS PAGE. This website is attempting to infect your computer with a dangerous #Ransomware / #Cryptolocker malware which will encrypt all of your files and will not allow you to access any of your information or files without paying a ransom.
We can not stress enough how dangerous this email is on your personal information and files. Delete any trace of this email from your inbox and pass on this article to friends to warn of similar attacks. This email’s intentions are a great example of why you should never open an email you didn’t sign up for or anticipate receiving.
Where in the world did the bulk of this Email come from?
Check out our Global Spam Sources page, for a World map of spam sources.