What’s happened?

For the past few days, many of you have been reporting to us that messages announcing the payout of a cash bonus have arrived in your email inbox.

The messages appear to be sent by Poste Italiane (indicated as sender), and are written more or less in this way:

“Dear Customer, We are pleased to inform you that you are entitled to a bonus of 150 euros to be withdrawn when you want. You can confirm and accept the bonus of Poste Italiane. By downloading { here }, filling in the form attached and him by fax with the correct data.”

Why is it important to know?

This is a fake message prepared by malicious actors with the intention of stealing credentials and Postepay card data (e.g. username, password, Postepay card number, CVV2, expiration date).

Technical analysis also showed that the links included in this message redirect to clone sites of Poste Italiane: this is a typical case of “phishing”.

Phishing is an illegal activity whereby, through various stratagems, an attacker fraudulently steals a user’s credentials (username and password) or the information relating to their credit cards.

It is easy to run into this kind of deception (almost always faithful “copies” of the websites we habitually visit), but it is equally easy to “keep away” from it without suffering any consequence.

The “stolen” information is usually used to commit computer fraud: criminals access current accounts (which are quickly emptied), or resell the information on the “black market”.

Poste Italiane has set up safeguards to prevent and counter this type of illegal activity, promptly performing the “shutdown” of fake sites and blocking any “suspicious” operations resulting from the theft of credentials.

How to behave?

To avoid taking risks, we suggest that anyone who receives this type of message adopt simple measures, such as:

  • Do not connect to the site indicated in the text of the e-mail message;
  • Do not fill in and/or download any documents attached to the e-mail message;
  • If you have connected to the site by mistake, do not provide any kind of credentials and/or personal data, and do not authenticate;
  • Report additional suspicious e-mail messages to the CERT@posteitaliane.it mailbox;
  • Be wary of similar requests whose provenance is not certain.