Poczta Polska warns against another cyber criminals attack

News of: November 4 2020

Once again, cyber criminals impersonate the Polish Post Office. In order to obtain personal data or money, they send false emails using the logo and company name. The post office informs what should be particularly being careful and what are the general rules that protect against e-mail fraud. 

One of the attacks consists in sending false emails informing about an incorrectly addressed shipment. E - these emails have an attachment containing malware, so -called Trojan. Another method of cybercriminals is to ship false news about winning the latest smartphone model. Cybercriminals inform that to receive the prize, just click the given link, which redirects to a crafted website to extort data and money. The company has already reported this event to the Computer Security Response Team - CSIRT GOV.

- We would like to inform you that Poczta Polska is not the initiator of these email campaigns. We ask for vigilance and careful reading of the messages received and the links contained in it - says Justyna Siwek, spokesman for Poczta Polska. -If you receive suspicious messages or if you suspect irregularities or incompatibilities, please report the case to the police and immediately inform us to the address  of the cyber security [at] Poczt-polska.pl . This will make us warning our clients, as well as blocking the false side - appeals Justyna Siwek.

What information does Poczta Polska send? 

Poczta Polska sends e-mails about shipments from the address in the information@poczta-polska.pl , which are only informative, as can be seen in the screen below. The company provides information on where to find information about the current status of the parcel and explicitly directs to the Poczta Polska website https://emonitoring.poczta-polska.pl where our customer can check at what stage of the journey his shipment is.

What is phishing 

Phishing is one of the methods of internet fraud. It aims to extort sensitive data from the user, such as: passwords, logins, addresses, PESEL or bank account numbers and credit cards. It consists in impersonating well -known, often state institutions, e.g. the tax office, ministries or ZUS. The messages are crafted in such a way that they resemble a potential letter from the subject for which their author is given.

E -mails of this type are based on social engineering - most often they encourage you to click on the attached link or downloading the file (in fact infected with a computer virus). A false promotional offer or alleged warning about unregulated payment measures is to lead to this.

8 Rules How to avoid phishing - the most important vigilance! 

1. Always have limited confidence in the messages received.
2. Do not open the attachments if you did not expect a message from a given sender.
3. If you do not know the sender, think about opening the message very well.
4. Do not provide your data (sensitive, confidential) in open messages without security.
5. Check the links that are contained in the received message or placed on the page.
6. Always update the post to receive mail and web browser.
7. Install accessories to a postal customer or browser that increases their safety.
8. Always install accessories from original suppliers, recommended by manufacturers of a given software.

The increased procedure of impersonating the Polish Post has been several times. At the same time, we would like to inform you that Poczta Polska is not responsible for the effects of actions taken by customers in messages disseminated by other entities, including entities impersonating Polish Post Office.