Polish Post warns against new phishing campaigns

The Polish Post Office (CERT Poczta Polska), a team responsible for responding to online security incidents, is warning against emerging domains that impersonate the company. The structures and addresses of these fake websites are visually similar to the official Polish Post website. These fake domains often contain, for example, a typo in the Polish Post office's name in the link attached to the message.

If you receive emails or text messages containing links indicating fraud, especially those confusingly resembling the address of the only official domain of Poczta Polska, please inform the Poczta Polska cybersecurity team at the following address: fakt@poczta-polska.pl .

Recently, fake ads have also appeared on social media sites, along with links to domains purportedly selling unclaimed parcels sent by Poczta Polska at bargain prices. The company does not conduct this type of business, and clicking on a link on such a site may result in downloading malware or attempting to extort data or funds.

To avoid falling victim to cybercriminals and protect your data and assets, follow these rules: 

1. carefully read website addresses sent both in e-mails and text messages; 
2. do not click on links received from unknown senders; 
3. never respond to requests for personal data, passwords and/or account logins; 
4. watch out for errors in the link content (e.g. swapped order of letters or substitution of other letters or numbers), if you find any, it is probably a scam; 
5. Some links included in messages from unknown senders may install unwanted malware; 
6. use antivirus software, check it is up to date and install updates, and scan your computer regularly; 
7. change your passwords regularly and make sure they are strong enough, avoiding passwords like: 12345, QWERTY, name, date of birth, Winter2022.