The South African Post Office (SAPO) is warning customers of a business e-mail compromise (BEC) scam requesting them to make online payments for fictitious parcels.
SAPO says a fake e-mail is circulating, which includes a parcel number starting with the letters ZA, which it warns was not generated by the Post Office.
When tracked on the SAPO website, the parcel number does not give any result, it says.
This warning from SAPO comes as businesses across the country continue to find themselves in the cross-hairs of a flurry of new cyber attacks, including BEC.
In BEC, a cyber attacker spoofs an e-mail of someone within a specific company and uses that identity to e-mail targeted victims, asking them to make bogus payments.
Mimecast’s sixth annual State of E-mail Security 2022 report says online brand spoofing and impersonation remains a persistent danger. Among state-owned entities that participated in the survey, nearly half (46%) reported an up-swell in this type of fraud year-over-year.
In its caution, SAPO, a state-owned company, says: “Members of the public receive an e-mail stating that a parcel addressed to them is being retained because customs fees on it are outstanding. The notice entices them to click on a link that leads them to a website where they can make a payment to release the fictitious parcel.”
The Post Office tells the public that if there are any customs fees payable on a parcel posted from abroad, the client pays the fees when they collect the parcel.
“The Post Office gives customers the opportunity to check a parcel before they officially take it into possession, and therefore does not require the payment of any fees before the time of collection.
“The Post Office normally sends an SMS when a parcel is ready for collection and never requests an EFT or online payment before a parcel is collected. Any request for an electronic payment should be viewed as a scam.
“E-mails sent from the Post Office are identifiable by @postoffice.co.za. The scam e-mails are sent from different servers.”
Share