Polish Post warns: New attack by cyber fraudsters 
  • Home page
  • News
  • Polish Post warns: New attack by cyber fraudsters 

Polish Post warns: New attack by cyber fraudsters 

Warning! A new, dangerous phishing campaign has emerged, in which cybercriminals are impersonating official correspondence regarding the establishment of e-Delivery mailboxes. The attack was prepared in a particularly dangerous way – the content of the fake messages uses a real message sent to Poczta Polska customers after activating an e-Delivery mailbox.

What does attempted fraud look like? 

Users receive emails from fake addresses, including: 

  • Cloud Subscription Department: noreply@qohv.pacificasportfishing.com 
  • CL0UDStorage: noreply@ptjx.mould-china.net.


Depending on the campaign variant, titles may include: 

  • “Final warning. Deletion will begin.” 
  • “Cloud subscription has expired – restore access now.”.


In the emails, criminals include fake notifications about supposedly full cloud storage (“Your cloud storage is full”), suggest the loss of photos, documents and data, and then encourage the user to click on the “Increase space” or “Upgrade now” link.

Once clicked, the recipient is taken to websites impersonating cloud service providers, including: 

  • cheapestpianos[.]shop 
  • residentialpsychiatricservices[.]com 
  • a service reminiscent of "Total Drive".


These sites encourage users to provide credit card details or pay via PayPal. Some campaigns inform users that as a "loyalty program member," they can receive unlimited cloud storage for a one-time fee of 7 PLN, further reinforcing the message. 

It is currently unclear whether the aim of the campaign is to actually charge for a non-existent service or primarily to intercept payment card data. 

NOTE: This is not Polish Post correspondence 

Cybercriminals exploited a genuine Polish Post Office (Poczta Polska) message addressed to individuals activating their e-Delivery mailbox. These messages are sent en masse to random recipients, aiming to make the fake correspondence seem credible. In all cases reported to us so far, the scammers used the same electronic delivery address (ADE), a characteristic element of a phishing campaign designed to increase its effectiveness. 

Please note that Poczta Polska does not send any notifications regarding disk space fill-ups, cloud storage services, backups, or paid storage expansion packages. The safety of our customers is our priority. 

Real address of the Polish Post sender 

The only correct address from which the official message about setting up an e-Delivery box and submitting the regulations is sent is: 

informacja@poczta-polska.pl 

If the message comes from a different address, it is an attempt at fraud. 

How to stay safe? 

  • Don't click on links in suspicious messages. 
  • Do not provide card details, logins or passwords. 
  • Pay attention to the sender's address, language errors, and unusual payment requests. 
  • If you have any doubts, please contact us through official channels. 


Have you received a suspicious email? 

Please report it to the following address: procent@poczta-polska.pl