NZ Post and Westpac Issue Alerts Over New Phishing Scam Involving Fake Parcel Delivery Texts
In a recent surge of cybercriminal activities, New Zealand Post and Westpac have issued warnings to the public about a sophisticated phishing scam. Scammers, masquerading as NZ Post staff, have been sending out fraudulent text messages concerning parcel deliveries from seemingly legitimate email addresses.
NZ Post highlighted its awareness of the ongoing text message campaign, which seeks to deceive recipients with alarming notifications about their parcel deliveries. One example of such a message states, “Your package has arrived at the warehouse and has been suspended for delivery due to a missing home number in the package,” pressuring the recipient to click on a provided link.
Stressing the importance of security, NZ Post has urged individuals not to follow the link embedded within these deceptive messages. Instead, they are advising the public to take action by reporting the scam. Recipients of such messages are encouraged to forward them to the Department of Internal Affairs at the number 7726, effectively aiding in the broader effort to combat these fraudulent activities.
“Please be extremely vigilant for any unexpected or suspicious phone calls or text messages,” Westpac advised its customers. “Read carefully to understand what is being asked for. If you believe you’ve been targeted by a scam, contact your bank immediately.”
Westpac has also sounded the alarm on this new parcel delivery scam, sharing examples received by their customers. These phishing attempts have been noted as originating from various sources, including Outlook and Gmail email addresses. The bank’s warning was clear: recipients should refrain from clicking on any links within these dubious messages. Such links, Westpac explained, are designed to lead individuals to malicious websites that aim to either infect their device with malware or extract personal information to compromise bank accounts.
Victims of this scam are advised to report the incident to the Department of Internal Affairs, then proceed to delete the message and block the sender to prevent further attacks. Westpac emphasized the importance of remaining on high alert for any communication that appears unexpected or suspicious.
The phenomenon of parcel delivery scams is not new; however, incidences tend to spike around the holiday season, exploiting the increased volume of online shopping and parcel deliveries. According to Cert NZ, New Zealand’s cybersecurity agency, NZ Post topped the chart as the most impersonated brand in the country during the latter part of 2023. In its quarterly report, Cert NZ disclosed that the phishing disruption service received a staggering 1,086 reports concerning websites impersonating NZ Post in just the fourth quarter of the year alone.
These phishing efforts typically involve scammers scouring public databases to gather contact information. The term ‘phishing’ refers to the technique used by cybercriminals to cast a wide net by contacting numerous individuals, in hopes that some will engage with the malicious links provided. This could lead to the perpetrators gaining further personal information, or accessing victims’ bank accounts or credit card numbers.
As the digital landscape continues to evolve, so do the strategies employed by cybercriminals. The alerts issued by NZ Post and Westpac serve as a crucial reminder for individuals to remain vigilant and cautious, especially when dealing with unsolicited communications. By taking immediate action and reporting suspicious activities, the public plays a vital role in helping authorities clamp down on these malicious schemes.
