Warning: a new version of the phishing campaign impersonating eDelivery
We're witnessing another installment of a phishing campaign targeting e-Delivery users. The goal is to obtain login credentials for Poczta Polska's e-services.
Cybercriminals are sending messages with the subject line: "Your parcel was not delivered ," pretending to be from Poczta Polska SA (sender: poczta.pl@mariaco.website ). The email asks the recipient to "confirm their email address," supposedly so they can retry delivery.
The link leads to a fake login page:
https://paket-poczta-awb0a51pl521.netlify[.]app
This address is already on the CERT.pl warning list .
The aim of the attack is to obtain eDelivery account data .
How to stay safe?
- Don't click on links in suspicious messages.
- Do not provide card details, logins or passwords.
- Pay attention to the sender's address, language errors, and unusual requests.
- If you have any doubts, please contact us through official channels.
- If you suspect fraud using the image of Poczta Polska, report the incident to CERT Poczta Polska at incident@poczta-polska.pl .
- If you suspect fraud unrelated to Poczta Polska, report the incident to CERT Polska using the form at https://incydent.cert.pl. You can also send an email to cert@cert.pl or send a suspicious text message to 8080 .