Cybercriminals have tried similar tricks in recent years. “Fraud targeting shipping companies is a popular ploy for cybercriminals. For example, our ‘Brand Phishing Report’ shows that DHL is the second most frequently abused brand in phishing fraud worldwide. In the Czech Republic, we often see various local mutations of these tricks, which pretend to be messages from the Czech Post and try to confuse users, “warned Pavel Krejčí, security engineer at Check Point.
–
“Attackers often try to arouse emotions and stress the user to act quickly, without thinking and underestimating the risks and not paying much attention to details, including language. Payment requests are usually small amounts in order to increase the chances of payment. With the shopping season approaching, we can expect similar scams to increase. When you need to track a shipment, always go directly to the transport company’s website and never click on links in similar e-mails, “said Krejčí.
–
And that’s exactly what happened now. Check Point captured new phishing campaigns using the cekposta.cz and ceskaposta.serveirc.com domains. Seventy percent of the captured campaigns were focused on the Czech Republic.
–
Captured e-mails were written in Czech or Slovak. The link in the e-mail, through which the recipients are to find out more information about the consignment, is harmful. If people click on the link, they will see fraudulent pages imitating the look of the Czech Post website. They will then be asked to pay a small amount for confirmation. But the whole dog is buried in the payment – people will lose far more than one crown as a result.
–
Sample of phishing pages imitating the appearance of the Czech Post
Foto: repro Check Point
With such low payments, bank accounts are usually verified when they are opened via the Internet – in addition to proving your documents, it is therefore necessary to make a payment from an existing account when opening an account online.
–
Attackers can easily open a bank account in the name of a deceived confidant, through which they can launder money or take out a loan.
–
What if you already clicked on the link and made the payment? “Keep calm. Call your bank, let them know your situation, and have your credit card blocked. Do not communicate with cybercrime in any way. Mark the email as spam and delete it. Have your computer scanned with an antivirus program, ”Avast security experts have previously advised.
—
