People who do open the attachments risk downloading ransomware called 'Locky' to their computer. This ransomware locks targeted files on the computer and demands that victims pay a ransom of hundreds of dollars for the digital key to unlock them. The criminals demand the payment be made in the digital currency bitcoin.
What makes the scam so dangerous is that it addresses the recipient with personal information such as their full name, location, workplace and job description — all gleaned from their social media profile and designed to dupe them into thinking the email is legitimate.
Australia Post warned in February this year that it would never send users an email asking them to click on an attachment. If you receive one of these emails, you are advised not to open the message or any attachments and to advise the Australian Cybercrime Online Reporting Network.