Thousands stung by Australia Post ransomware attacks

The scammers pretend to be from Australia Post and the Australian Federal Police, and then send an email link that allows them to hold computers for ransom. Take care!

4 Likes

It is very important to regularly back up.

An IT security friend also said… between backups, if doing them locally, the backup drive should be removed/isolated so that it does not appear as a drive on a computer should ransomware be inadvertently installed… otherwise the backup drive may also be encrypted, rendering the backup worthless.

It is also suggested that should a local backup drive be used, it is external allowing it to be physically disconnected between backups. Using an internal drive should be avoided as it is considered a copy and not a backup.

Alternatively use a reliable and secure cloud/external server when backing up all data.

6 Likes

I totally agree @phb

Just been trying to save a friend's encrypted files on their “Backup Drive” due to the Australia Post scam/ransomware. They used Crypt0l0cker and I think I have saved about 100 files out of approx 30,000. The trouble with this ransomware attack is that it also hits network drives and USB attached ones and they leave a nice reminder of this in the warning/instruction texts they create:

“Your important files (including those on the network disks, USB, etc): photos,
videos, documents, etc. were encrypted with our Crypt0L0cker. The only way to
get your files back is to pay us. Otherwise, your files will be lost.”

So Community Members and their families please don’t leave your backup drives attached after a backup, remove them and store them safely until your next backup or when you have to restore.

5 Likes

I am just as concerned about the phone scams giving out a Sydney phone number. I picked one up on my answering machine so it cut off the presumed calling government department. It was obviously an electronic voice recording and not made by a person reading a script, and promised to send around the sheriff and deputies to take me into custody if I did not repay a debt to someone - that was the bit cut off by my answering machine unfortunately. It was frightening and I am not easily scared and usually give as good as I get and more; they knew my address which was obviously taken from the phone book. This was way beyond nasty and would scare a lot of people into making that phone call.
However I receive very few spam emails because I use a convenience online email service, and that is where the bulk of these emails come through and get deleted before I ever see them. Those that do make it through to my private email address are killed before I open them and after I have checked out the headers. Government departments, including Australia Post, do not have my personal email address and never will but they do have the name that is not in the phone book so I can pick them. I also use a strong anti-malware program that picks up cryptolocker programs before they get through to me, though I rely on common sense to never open any of them - but I do not use Outlook or Outlook Express which has saved me from a lot of worms that have wiped out other family members, whose computers I have had to fix.

4 Likes

I absolutely agree! The cost of external terabyte drives is not so prohibitive these days. I use two external drives for back-up. One local drive which I use for routine back-ups and which I only connect to the PC for the duration of the backup. The other is for a 2nd routine back-up which I keep in a secure off-site location.

2 Likes

My wife received an email as well: Malware Warning - Auspost Parcel Delivery Notification

1 Like

People who do not update their computers when required by the software company are what caused the spread of the ransomware. They should be removed from the internet if they refuse to do updates in a timely manner.

@felicity, there are two broad categories of people who do not do updates. One can be found by a google of “updates that bricked windows” and how they dealt with “punitive maintenance”. I am not sure about the other group’s motivations.

Similar here. I use a dock on my desk at home with a couple of drives from an old laptop (drives are still fine). The dock is only connected when I am backing up or on the very rare occasion I need to restore something (or everything). The drives are encrypted & I swap them - 1 stays in the dock & the other I take to work & leave at the office…

2 Likes