In a statement by the post office on details of the attack, “The post office gives customers the opportunity to check a parcel before they officially take it into possession, and therefore does not require the payment of any fees before the time of collection. Any request for an electronic payment should be viewed as a scam”.
The post office also made it clear that an EFT or online payment is never required before a parcel is collected, and recommends any emails sent by SAPO are also identifiable by the ‘@postoffice.co.za’ domain. Any other email domain would be considered a scam.
It's important for your users to be on the lookout for the next big phishing trend and to know how to report any suspicious activity online. New-school security awareness training can ensure your users can stay-up-to-date on the latest attack vectors and to implement cybersecurity skills in their day-to-day operations.
Sandton Chronicle has the full story.