Phishing campaign warning
CERT Poczta Polska warns against another phishing campaign targeting email users, aimed at stealing data.
The campaign involves sending messages impersonating well-known public figures. The messages contain invitations to meetings or events, details of which are available as attachments. Such messages may also be sent from trusted websites of Polish email providers.
Opening the attachment may lead to infection of the device and, as a consequence, to the seizure of login details, documents and other files on the device, as well as the attacker gaining permanent access to the device.
Please exercise extreme caution when opening this type of correspondence, whether it is in your personal or business mailbox. If you receive any suspicious messages, please notify us at incident@poczta-polska.pl.
We would also like to remind you of the basic rules for using email and social media:
- when logging in to your account, check whether the domain of the given portal is correct,
- ignore all other requests for your password, even if the message looks official, demands an immediate response and threatens to deactivate your account,
- report all suspicious messages in your work mailbox to jakointytut@poczta-polska.pl,
- remember that messages containing attachments, especially archives and Office documents with the password provided in the message body, are particularly suspicious,
- use long passwords (over 14 characters):
  - a good method for a long password is to come up with a whole phrase consisting of several words, e.g. 2CzerwoneM@linyb@rdzosm@kow@ly,
  - avoid passwords that are easily associated with you, such as those containing your name, date of birth, etc.,
  - do not use the same password more than once; if possible, use password managers (those built into your browser or phone are secure and easy to use),
  - enable two-factor authentication (2FA) where possible; two-factor authentication in email and social media accounts is necessary,
  - if you suspect a hack, change your password, check your login history in your profile and end all active sessions,
- update the operating system and programs on the computer and phone you use,
- keep your antivirus program up to date,
- for sensitive private communications, use end-to-end encrypted messaging apps like Signal.