Cybercriminals have tried similar tricks in recent years. “Fraud targeting shipping companies is a common ploy of cybercriminals. For example, the “Brand Phishing Report” shows that DHL is the second most abused brand of phishing scams worldwide. In the Czech Republic, we often see Various local twists of these scams, which pretend to be messages from Czech Post and try to confuse users,” warned Pavel Krijce, Security Engineer at Check Point.
“Attackers often try to stir up emotions and assure the user to act quickly, without thinking, minimizing risks and not paying much attention to details, including language. Payment requests are usually small amounts in order to increase the chances of payment. As the shopping season approaches, we can expect an increase Similar scams. When you need to track a shipment, always go directly to the carrier’s website and never click on links in similar emails,” Craigie said.
This is exactly what happened now. Check Point has picked up new phishing campaigns using the domains cekposta.cz and ceskaposta.serveirc.com. Seventy percent of the captured campaigns were centered on the Czech Republic.
The emails captured were written in either Czech or Slovak. The link in the email, through which recipients can find out more information about the shipment, is malicious. If people click on the link, they will see fraudulent pages that mimic the appearance of the Czech Post website. They will then be asked to pay a small amount to confirm. But the whole dog is buried in the thrust – people will lose more than one crown as a result.
A sample of phishing pages that mimic the appearance of Czech Post.
Photo: repro Check Point
With such lower payments, bank accounts are usually verified when you open them online – in addition to proof of your documents, so it is necessary to make a payment from an existing account when opening an online account.
Attackers can easily open a bank account in the name of a deceived confidant, through which they can launder money or obtain a loan.
What if I already clicked on the link and made a payment? “Keep calm. Call your bank, tell them your situation, and block your credit card. Don’t communicate with cybercrime in any way. Mark the email as spam and delete it. Scan your computer with an antivirus, Avast security experts advised in advance.
“Proud twitter enthusiast. Introvert. Hardcore alcohol junkie. Lifelong food specialist. Internet guru.”