Lately, cybercriminals are targeting Pos Malaysia customers via fraudulent telephone calls, email and text messages with the intention to deceive, scam or steal (phish) personal and financial information.
In this section, you will find information about how you are protected, how you can protect yourself and what you should do if you are targeted by cybercriminals.
If you suspect that you are being targeted or have received a call, text messages or email from individuals or groups pretending to be Pos Malaysia, immediately alert us via email at firstname.lastname@example.org.
HOW YOU ARE PROTECTED
The security of customers is important to Pos Malaysia. We are committed in ensuring that all personal and transaction information are safe and secure. Please take note that Pos Malaysia will not do the following:
- Ask for your password
- Ask you to enter information on a website / portal not belonging to Pos Malaysia
- Send an email or SMS asking for credit card details or personal information (all official email domains related to Pos Malaysia will be sent from addresses ending with “@pos.com.my”. Email from domains such as Hotmail, Yahoo, Gmail or others are not related to Pos Malaysia and should be deleted or ignored.
- Request for payment via telephone for undeliverable parcels / items or for the release of parcel / items.
HOW YOU CAN PROTECT YOURSELF
Here are some tips to help protect yourself from fraud and scams.
- The sender of fraudulent emails will normally ask recipients to click on a link that takes them to a fake website to phish (steal) personal data, credit card information and others. Don’t click on the link. If you have received such email, please delete it immediately as Pos Malaysia does not send unsolicited emails to our customers to ask for payment or sensitive information.
- All official emails from Pos Malaysia ends with “@pos.com.my”. If you have received emails using domains such as Hotmail, Yahoo, Gmail or others claiming to be from Pos Malaysia, ignore or delete it.
- Do not click on any links in a suspicious email or open any attached files. Even if the email or text message you received contains the Pos Malaysia name or logo, please do not reply or click on any hyperlink included.
- If we are unable to deliver an item to you, you will receive a physical Collection Note or SMS to collect the item directly at your nearest Pos Laju outlet or Post Office.
- Resist the urge to "act now" when given a tempting offer, as most of the time it is too good to be true.
- Be careful when clicking unsubscribe on an email. Spammers may use the 'unsubscribe' button to validate your email address, resulting in even more spam.
- Install and use up to date and comprehensive antivirus software.
- Fraudulent SMS messages often feature similar characteristics to phishing emails. Popular SMS scams often reference "tracking a parcel" or "prize collection".
- We will never ask you to provide your personal information, credit card details or other payment information via SMS.
- Remember, criminals can set the "Sender Name" of SMS messages to make it appear as though they're being sent by Pos Malaysia. These messages can also appear in the same "thread" as other legitimate messages from Pos Malaysia on your device, which can make them more difficult to identify. Please be extra vigilant.
- Fraudulent SMS messages will often ask you to click a link which directs you to a web page that isn't part of Pos Malaysia. If the link looks unfamiliar, it is likely a scam.
- Pos Malaysia do not initiate automated voice calls and all our official communication language is English.
- If you are in doubt about the authenticity of a call, don't commit to anything. Instead, hang up and call the company directly or request for the caller’s full name, telephone number and department and validate this through our Customer Service at efeedback.pos.com.my.
- Cybercriminals are known to impersonate people that you know, even your closest family members, to carry out financial scams.
- If you receive an email / message (on social media or messaging service) with a request for donations or financial assistance from a friend or family member and if you are in doubt, call or contact them directly to verify the request.
- If you found that there has been a suspicious activity in your bank account, contact your bank immediately. It is possible that someone has unauthorised access to your account.
- Shred all documents containing personal information, such as credit card applications, bank statements, parcel consignment note and airline boarding pass.
- The Malaysian Government's cyber security website, National Cyber Security Agency, provides simple steps you can take to protect your personal and financial information online.
Protect Your Personal Details
- Never enter personal, credit card or bank account details on a website, if you are unable to determine whether it is genuine or otherwise. Always check the website address as scammers create URLs that look remarkably similar. For example:
Genuine Pos Malaysia URLs:
- Never send your personal, credit card or bank account details through email.
- Keep your passwords and PINs safe and don't share them with anyone.
- Check your credit card and/or bank statements regularly for suspicious transactions.
- If you accidentally provide account or banking details to someone suspicious, you should contact your bank or financial institution immediately.
Responding to identity fraud
If you suspect you're a victim of identity theft or misuse, you should immediately inform the police (and keep a copy of the police report). Report the loss of any identity documents (e.g. passport, driver's licence) to the authorities. Contact your bank or financial institution to cancel any cards or accounts that may have been breached due to suspected or proven identity fraud.
If your track & trace indicates that your parcel(s) is / are delivered but has not reached you, please contact Pos Malaysia immediately. Someone might be impersonating you or collected the parcel(s) without your authorisation.
- Royal Malaysia Police (PDRM)
- Malaysian Communications and Multimedia Commission (MCMC)
- National Cyber Security Agency (NACSA)