What’s happened?

Some users report that visiting the login page of the Postepay.it portal is alerted to the presence of a suspected virus inside the page.

The page can be reached at: https://postepay.poste.it/servizi_online/app_login/login.fcc.

This is a report that is only displayed by those who have installed a specific antivirus software on their Microsoft Windows operating system.

Specifically, such antivirus software detects a potentially malicious “javascript” file and categorizes it as a “JS / Banker.BA” virus.

How to behave?

After thorough analysis, Poste Italiane’s CERT staff confirms that this is an erroneous message that there is no virus on the page that is mentioned and that the message can be ignored and should not be a concern.

Poste Italiane’s CERT staff has forwarded the case to the company that owns the anti-virus software.