Online risks
The amount of so-called phishing messages (e-mails, text messages, Messenger messages) and malware on websites is on the rise. This page with practical tips and examples has been created to protect you from online risks.
Our top tips
- Be careful when prompted to enter data, especially access data, payment and address information.
- Look closely to check if the e-mail or text message actually comes from Austrian Post.
- Stay critical about prize draws, bogus and teaser offers.
- Protect your Austrian Post account.
- If you suspect fraud, please contact our Austrian Post customer service without delay.
How to identify a phishing attempt
- By the sender
- The e-mail address does not end with @post.at.
- The sender name is not Austrian Post.
- By the content
- The text is written in incorrect German; the writing style does not match that of Austrian Post.
- The design does not match other e-mails or messages sent by Austrian Post; an edited logo is used.
- The message's content does not make sense (you are not currently expecting any delivery from Austrian Post).
- The message includes a request to submit payment or account details or other personal information (via e-mail or by clicking on a link). Unlike in the case of phishing mails, Austrian Post never requests bank details (IBAN or BIC) for the delivery of standard parcels. Bank details are only required for the use of paid online services, such as ordering parcel stamps or buying from the online shop. In that case, bank details are required for the order process.
- Attention! If items that you never ordered appear in your Austrian Post account, your Austrian Post account might have been phished or used with fraudulent intent. Please contact our Austrian Post customer service immediately.
Examples of current phishing attempts
pdf
Phishing attempts
Customers receive a notification that looks like the “yellow notification”. This paper includes a QR code that will take you to a website where customer details are requested with fraudulent intent. The website post-kontakt.at/de is NOT a website of Austrian Post.
ATTENTION!
- Do not scan the QR code
- NEVER click on the link post-kontakt.at/de
- Do not enter your personal details on this site under any circumstances
Screenshots of the notification and the underlying (fake) site
Despite extensive measures, Austrian Post is being misused as a purported sender of phishing e-mails. Currently, there is a campaign involving e-mails with the subject "Your parcel is waiting!" that asks for payment of a "delivery fee".
In this fraud or phishing campaign, please note:
- The e-mail appears to have been sent from meine.post@post.at. The scammers use a trick that makes it seem as though the e-mail is genuinely from Austrian Post. The Austrian Post logo is misused—sometimes distorted—to create a false sense of trust.
-
Do not click on suspicious links in e-mails or SMS.
-
Never open suspicious attachments or documents.
-
Never disclose passwords.
-
A common e-mail fraud scheme involves fabricating problems with a supposed parcel. As part of a payment request for further processing of the parcel, account details are demanded to withdraw large sums.
If you receive payment requests via e-mail after ordering Austrian Post services (such as AllesPost Germany), you can verify that they are genuine transactions by checking the item and order numbers.
Screenshots of current fraud attempts
Further variants
Fraud with classified ads and supposed Austrian Post courier services is booming, as reported by the website Watchlist Internet: