As Krzysztof Romasz, director of the Cybersecurity and Standards Office of the Polish Post, explains, quoted by biznesinfo.pl, this is a classic example of the so-called trust spoofing, in which fraudsters take advantage of users' habit of receiving notifications about shipments.
Read also: The trial in the case of Daniel Obajtek begins. Orlen demands a refund of over PLN 150,000. zloty
— Thanks to quick reports and cooperation with other entities, we are able to block such sites and limit the scope of extortion campaigns, but it is always the individual user who is the first line of defense – emphasized Romasz.
Poczta Polska warns. How does the “shipment” scam work?
The scheme is simple and effective. Cybercriminals impersonate well-known logistics brands, including: Poczta Polska or the Pocztex courier service. In the news they inform about a “withheld parcel” or “underpayment of PLN 0.50” and ask to settle the alleged amount via the link. Clicking on the link takes you to a page that looks confusingly like the website of Poczta Polskawhere the user is asked to provide card details or log in to electronic banking.
Read also: Resignation in the Ministry of Finance. Andrzej Domański thanked the deputy minister for his cooperation
Messages of this type use psychological mechanisms – rush and fear of losing the shipment. “Your parcel has been held due to underpayment” or “pay customs duties to prevent the parcel from being returned to the sender” – these are typical phrases designed to trigger an immediate response.
How to recognize and avoid an attack?
Poczta Polska reminds that never asks you to make a payment via a link in an SMS or email. In case of doubt, it is best to go to the official website of Poczta Polska and check the status of the shipment by entering the shipping number.
Poczta Polska also advises:
- Do not provide financial or personal information in response to unexpected news.
- Check the sender's address and message content — linguistic errors and unusual URLs often reveal fraud.
- Don't click on links from unknown sourceseven if the message appears to be from a well-known institution.
- Report suspicious messages to CERT Polska or directly to Poczta Polska.
The scale of the phenomenon is growing
Poczta Polska, which delivers approximately 800 million letters and parcels annually, is a particularly attractive target for cybercriminals. Together with the CERT Polska team, the company identifies fake websites on an ongoing basis and adds them to the warning lists.
Experts urge every user to be careful. — Cybercriminals are constantly improving their methods, but humans are still the weakest link, remind digital security specialists.
