2 min read

New Phishing Scam Targets Italys Post Office

Loredana BOTEZATU

March 19, 2012

New Phishing Scam Targets Italys Post Office

Crooks impersonating Italian post operator Poste Italiane have launched an elaborate phishing scam with e-mails designed to swindle users of one of the country”s last bastions of snail mail.

The scam starts with a courteous e-mail to post office clients, asking them to confirm their login data for maintenance reasons. The appearance of the e-mail seems legitimate as the fake e-mail uses parts from the genuine template, such as menus and banners for a better chance at misleading the customers.

Classically, the fake e-mail clearly explains that Poste Italiane needs to confirm the clients” identification data and provides the user with a link that sends them to a login page that asks for personal information such as user name, password, card ID or security card number. Filling in the form gives the crooks everything they need to access any cash in your account.

What is particularly interesting in this attack is that the stolen information is neither sent via e-mail to an attacker nor saved in a database. Instead, it”s stored in a plain text file on the same compromised server that hosts the phishing form. This makes the attack way worse, as this information is not only available to attackers, but also to anyone who knows how to use a search engine to find valid CC info.

What you can do:

If you have any suspicions regarding your online card account data, you should immediately call Poste Italiane to have all recent transactions blocked at once. They will also direct you through the steps necessary to have your card re-issued.

As a rule always avoid giving out credit card information, especially when you need to disclose your PIN or CVV info. Banks and other institutions working with money never ask clients to change IDs or passwords via e-mail. When in doubt, pick up your phone and call or pay them a visit to make sure. Also, install anti-virus software and keep it up to date.

This article is based on the technical information provided courtesy of Octavian Mihai Minea, Bitdefender Virus Analyst.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read