Australia Post has also posted the following details in relation to the issue: Scam Alerts.
To avoid this issue in the future, please consider downloading the Australia Post App to track your parcels. Read about the benefits here
YOUR NAME, EMAIL AND POSTAL ADDRESS: Items such as name, address, and email address are credentials that alone would be considered low risk of direct financial fraud, however they will invite more phishing communication if entered. In most cases what is of real value to identity thieves is your credit card details or banking username and login.
ENTERED CREDIT/DEBIT CARD DETAILS: If you have entered your debit/credit card details into the linked website, we recommend you contact your financial institution/s straight away to let them know that your personal details have been compromised.
CLICKED THE LINK: Review your browser’s privacy and security settings to make sure you’re comfortable with what’s checked or unchecked. For example, look to see if your browser is blocking third-party cookies, which can enable advertisers to track your online activities.
Go through all applications on the device to detect any unknown programs running. Please remove them immediately.
If you still have concerns after following the device recommendations above, please consider completing a factory reset on your device. Ensure you remove/save or update any photos or data you do not want to lose before completing the reset.
WHAT CAN YOU EXPECT NOW? Future phishing contact (phone, SMS, emails) - with just a small amount of personal information a scammer can easily convince their prospective victims they are calling from Government or big business. What you may expect are more phone calls and text messages and emails (if provided). So be on the lookout for more ‘phishing’ messages that appears to come from well-known organisations such as myGov, ATO, or your bank – especially if the contact is designed to heighten you into responding (ie: a security warning). Best advice is to not respond directly to the message but to login to your account through a separate web browser to check your everything is okay. Reminder: If you gave your credit card details, the scammer will potentially know who you bank with.Remember, a little bit of information can go a long way to convince you that the call is legitimate, especially if they mention a company you have an account with. Please see our fact sheet: Tips for handling scam calls
IF YOUR EMAIL ACCOUNT IS USED TO SIGN UP TO DATING WEBSITES: We have been told by people affected by this scam they have received emails suggesting they are signed up to websites such as dating sites, movie sites etc. If you do receive an email suggesting this it is best not to click 'Unsubscribe' instead email them directly to request your details betaken off their site. Please be careful when liaising with these sites,it is best not to provide any further information.
*Please note:This information is generalised to support individuals in most situations. However,depending upon your experience, capabilities and the device(s) you use, seeking professional support may be advisable. IDCARE's recommended steps for an individual concerned about their identification is based upon the information provided by you. A generic template is not able to appropriately address every individual’s situation and some events may require additional steps.
FURTHER ADVICE: Please take time to look at your security and put systems in place that will lessen the blow now and in the future. We have put together fact sheets that contain useful tips and strategies to help you stay safe:
**If at any time during the scam you were asked to provide more than what is mentioned in this article, namely driver licence, Medicare, passport,Tax File number or log in details etc, please go to IDCAREs Get Help form and request further advice.
Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:
IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.
While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the alert or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.
Identity theft is a type of fraud that involves the theft of someone’s personal information.view fact sheet
Service providers are organisation that transact with your identity information.view fact sheet
Employment Scams are designed to recruit unsuspecting individuals to launder money.view fact sheet