What Happened?

We want to point out an attempt at phishing through cell phones that anonymous fraudsters are trying to accomplish these days. Thanks to the monitoring activities and especially to your reports, a large number of SMS messages (apparently sent by Poste Italiane) have been identified in which the recipients are invited to make a telephone bill for receiving the complimentary telephone credit. A similar attempt, invites recipients to click on a link to download a cover folder.

The text in messages is more or less like this:

“Poste Italiane gives you 100 euro credit + 10GB Internet if you charge a minimum of 20 euros on the site: Counterfeit site URL valid 24-hour”


“PosteNotifica! We inform you about the Incident Folder number: J488 / 2016, please download the recommended in the site Counterfeit site URL

Instead of “Counterfeit Web Site URLs”, there are various addresses that make Poste Italiane think, but that nothing has to do with the original sites that we make available to our customers.

The sender’s mobile numbers are also different and vary from person to person.

We are asking you to observe how, in the second case, obvious translation mistakes clearly indicate the presence of an anomaly.

Why is important to know it?

This is a false one: messages contain all a link through which fraudsters render their victims to a phishing site designed to fraudulently drive access credentials. Credentials can later be used to trap our money or re Our CERT verifications confirm that this is a very large case of smishing (phishing through SMS): a committed illegal activity by adopting several stratagems (eg by playing branded logos or web sites that we usually use).

These are very serious offenses punishable by our Criminal Code (erroneous induction of a person who has been hurt by artifices or scams – ex art 640 cp, “Scam”, sending unsolicited / unsolicited communications – “spamming” in violation of D. Legislative Decree 196/03 – “Personal Data Protection Code” or “Privacy Code”).

In Poste Italiane we have been organizing for some time for the prevention and contraction of these illicit activities that enable us to deactivate sites that are predisposed to fraudsters at the same time and to block suspicious transactions on accounts if the credentials are removed of a customer’s access.

How to behave?

In order to avoid any risk, we suggest that anyone who receives this type of message can take simple steps, such as:

  • Do not connect to the site indicated in the text of the SMS message;
  • If you are connected by mistake, do not provide any kind of credentials and / or personal data, do not authenticate;
  • Do not download any documents or attachments present in similar email messages;
  • Report further suspicious SMS or e-mail messages to the CERT@posteitaliane.it mailbox;
  • Wait for similar requests, which are not reliable.