Watch out for the post office scam

Watch out for the post office scam

19 May 2021

Share

Cybersecurity firm J2 has warned against the rapid increase in post office scams, lulling unsuspecting people into believing there is a package for delivery. The email is made to look like a notification from the South African Post Office (SAPO) and prompts the recipient to make a payment to have the parcel delivered.

John McLoughlin

J2 CEO John McLoughlin says the South African Post Office does not require customers to make any payment before parcels are released. “The cybercriminals bypass your email security by using a trusted service and website like Survey Monkey. If you click on the fake payment link, you are directed to the Survey Monkey page that the cybercriminal has created."

"Most people don't realise this is a Survey Monkey site and they are then enticed to click to be redirected to the criminal’s fake payment page. You are then asked to insert your credit card details to make payment for your delivery. At this point the criminal will be stealing your credit card information," he explains.

Once the person is redirected, the cyber criminal’s fake landing page will request payment. To make it look authentic, the criminal syndicates copy the logos of trusted South African payment gateways. This entire process is fake! These criminals are out to steal information.

Their next step to complete the card theft is to get the person to enter the card PIN. Sadly, many people are still convinced this is real and when they enter their PIN, the criminals will have all they need to sell the card details and to also use them.

"The attacker will keep you there as they now have an automated process to not only steal your card number and PIN, but they will process a transaction if you've given them the correct details. The next step to process their stolen goods is to get your OTP," he warns.

Here are some guidelines to prevent being scammed in future:

  • Know that you are the target, everybody is
  • Check the sender’s email address
  • Deploy a layered, monitored and comprehensive cyber resilience program
  • Take note of the URL of every webpage you are directed to
  • If you didn’t request something, then it is fake
  • Check that you are using only known and trusted websites
  • NEVER enter your PIN or give it out over the phone
  • Educate your users, friends and family
  • If you are unsure, verify the authenticity with a little bit of research and do not rely on information contained in the email you receive

Without a layered cyber resilience program, these criminals cannot be stopped. Also, cyberattacks evolve daily, so it's important to question every unsolicited email, call and payment request received.

Sign up to receive our newsletters and magazine free - click here.

Vodacom-Maziv Competiton Commission ruling: A contrarian view

Blocking of a deal between Vodacom and Maziv by the Competition Commission was lauded by WAPA – here’s why

06 Nov 2024

Gartner predicts Fortune 500 companies will shift US$500 billion from energy opex to microgrids through 2027

Microgrids create a competitive advantage, lower carbon footprint and help to control costs

06 Nov 2024

Cracking the code: Changing the game in education

With industry support, schools can equip thousands of young South Africans with the tools to build better futures

06 Nov 2024

Dealing with data is often the greatest business challenge

Digital sovereignty is the key to data control, security and independence

06 Nov 2024

Equipment buyback value likely to take a big knock in 2025

The introduction of Windows 11, the rise of AI-enabled devices and environmental concerns about outdated equipment are the basis for this prediction

06 Nov 2024

A path to growth: Building scalable startups

ALX launches founder academy to empower future tech entrepreneurs

03 Nov 2024

SA’s ISPs rate FNOs as (slightly) better than six months ago

Octotel displaces Metrofibre as the highest-rated fibre network operator

03 Nov 2024

Finalists announced for 2024 IITPSA President's awards

The finalists have been announced for this year’s Institute of Information Technology Professionals South Africa (IITPSA) President’s Awards

03 Nov 2024

Digital boundaries: Why data security is essential across tech industries

In a world where digital interactions permeate every aspect of daily life, data privacy and security have become essential

01 Nov 2024

Reimagining QR codes: The smart, scalable future

From advanced image and video QR codes to enhanced data tracking, QR Fox maximises scan ability and performance across devices

01 Nov 2024

Burnout burdens: How to retain InfoSec professionals in a company

The growing complexity of the cyberthreat landscape and the persistent skills shortage exacerbate this issue

31 Oct 2024

Are employees putting company networks at risk?

As cybercriminals increasingly target employee credentials, businesses must evolve their defence strategies

30 Oct 2024

MagazineClick to view

EngineerIT November 2024 Issue

View PDF

EngineerIT October 2024 Issue

View PDF

Podcasts / Panels

PODCAST: Don’t create problems to justify implementation of AI
23 Aug 2024
ARMCOIL WEBINAR OCTOBER 2023
01 Nov 2023
Efficiency and Reliability: Exploring Surface & Underground MV Substations with ArmCoil on 26 October 2023.
19 Oct 2023
The importance of Metrology in manufacturing PANEL DISCUSSION
26 Aug 2023
Is it the end of the road for on-premise data centres?
24 Jul 2023
More