Northwick

Inside the Northwick Engine Room ’Tis the Season for Phishing (AU edition)


We are well into December and January is on its way, which is peak inbox season in Australia: parcels, parties, and year-end admin. Attackers know it. They lean on urgency, local brands, and convincing copy. Northwick Cyber’s take: slow down, verify, and don’t let a rushed click become your year-end incident. Our staff are our first line of defence against cybersecurity scams.

What’s hitting Aussie inboxes right now

  • AusPost SMS/Email – “Your parcel is awaiting collection, pay $3.50” or “Track your delivery here.” Fake trackers harvest credentials and card details. 
  • ATO/myGov lures – “You’re entitled to a tax refund, update your bank details” or “Overdue account, pay now.” Always sign in via your trusted myGov bookmark/app, never a link in an email/SMS. 
  • Retailer bait – “You’ve won a $200 Bunnings/JB HiFi card.” Quick click → credential theft. 
  • Airline loyalty – Qantas/Virgin “flight change” or “points reset” alerts that push a login. 
  • Bank and Telco alerts – ANZ/CBA/CommBank or Telstra “suspicious login, verify immediately.” 
  • Charity appeals – Lookalike domains for familiar causes (Surf Life Saving, RFS) with urgent “donate now”. 

How do you spot the telltales

  • Odd urgency (“in the next 10 minutes”), secrecy, or a tone that doesn’t match the sender. 
  • Domains that look right at first glance but aren’t (e.g., auspost-delivery.com vs auspost.com.au). 
  • Shortened/obfuscated links, unexpected attachments (.html, .zip, macro docs). 
  • “Verification” pages that are 95% right (logos and colours match) but the URL is off.

Simple rules that work

  1. Multi-Factor Authentication (MFA) everywhere – Email, payroll, VPN, cloud apps. Stops most click-to-compromise attacks dead.
  2. Harden mail – Enable SPF, DKIM, and DMARC; monitor for lookalike domains; reject/quarantine unauthenticated mail.
  3. Run a 30-minute drill – AusPost parcel, ATO refund, and charity scenarios. Coach: pause, verify, report.
  4. Make reporting effortless – One click in the mailbox, plus a first-hour playbook: isolate, reset, hunt, notify.
  5. Protect payments – Dual control for supplier bank changes and large transfers; call back using trusted numbers.
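To make the lookalike-domain telltale and the "monitor for lookalike domains" rule concrete, here is a small triage check, added as an illustration and not part of Northwick's tooling. The `OFFICIAL` allowlist, the function names and the `.example` hosts are assumptions constructed for this sketch.

```python
import re
from urllib.parse import urlsplit

# Assumption: illustrative allowlist (brand keyword -> official domain).
# Replace it with domains your organisation has verified itself.
OFFICIAL = {"auspost": "auspost.com.au", "mygov": "my.gov.au", "ato": "ato.gov.au"}
HOMOGLYPHS = str.maketrans("0135", "oles")  # common digit-for-letter swaps

def hostname(value):
    """Accept a full URL or a bare host and return the lowercase hostname."""
    parts = urlsplit(value if "//" in value else "//" + value)
    return (parts.hostname or "").rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance, kept in a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[len(b)]

def classify(value):
    """Return (verdict, brand); verdict is 'official', 'lookalike' or 'unrelated'."""
    host = hostname(value)
    for brand, domain in OFFICIAL.items():
        if host == domain or host.endswith("." + domain):
            return "official", brand
    tokens = [t.translate(HOMOGLYPHS) for t in re.split(r"[.\-_]", host) if t]
    for brand in OFFICIAL:
        for tok in tokens:
            # Short keywords such as "ato" match whole tokens only, to limit noise.
            near = len(brand) >= 5 and (brand in tok or edit_distance(tok, brand) <= 1)
            if tok == brand or near:
                return "lookalike", brand
    return "unrelated", None

# Constructed sample links; the second is the lookalike named on this page.
SAMPLES = [
    "https://auspost.com.au/mypost/track",
    "http://auspost-delivery.com/pay",
    "https://auspost.com.au.parcel-fee.example/login",
    "ausp0st.example",
    "https://www.tomato.example/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(classify(link), link)
```

A "lookalike" verdict is a prompt to quarantine and review, not proof of phishing; an "unrelated" verdict only means no listed brand name appears in the hostname.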

If someone clicks: disconnect from the network, report immediately, reset passwords, enforce MFA, and watch for follow-up fraud, especially payment redirection. Move fast – minutes, not hours.

How Northwick Cyber helps – Our Holiday Phish Shield lands quickly: DMARC alignment check, a one-click report button, targeted simulations (AusPost, ATO/myGov, charity), an awareness kit, and an incident playbook tuned to your stack. Fast to deploy, simple for staff, effective where it counts: in your inbox.

This Northwick Cybersecurity thought leadership piece explores how December and January bring a surge in Aussie-flavoured phishing (think AusPost parcel scams, ATO/myGov refunds, airline loyalty prompts, bank/telco alerts, and charity appeals) and urges simple, high-impact habits: slow down, verify, use MFA, harden email, make reporting one click, and double-check payment changes. It closes with Northwick Cyber’s fast-deploy Holiday Phish Shield: DMARC alignment, one-click reporting, targeted simulations, an awareness kit, and an incident playbook tuned to your stack. (www.northwickcyber.com)

Northwick Cybersecurity delivers comprehensive protection for businesses by combining advanced threat detection, proactive risk management, and strategic security consulting. Our services cover everything from vulnerability assessments and penetration testing to incident response and compliance support, ensuring enterprises stay resilient against evolving cyber threats. We focus on safeguarding critical infrastructure, securing cloud environments, and implementing robust governance frameworks, all tailored to meet your unique needs. 


About Us

Northwick Cybersecurity is a dedicated brand from Bushey Pty Ltd. that is focused on supporting your Cybersecurity needs and partnering to keep your business data and systems safe from data theft and breaches.

Contact Info

Level 1/9-11 Grosvenor St. Neutral Bay 2089 NSW Australia