A fraudulent email notifies users of an uncollected package and prompts them to make a payment on the referring website. Email is still active. It includes a link that redirects users to a fraudulent website, where they require credit card verification.
The verification process consists in making a control payment of the alleged amount of one crown. The same site is located on several newly registered domains. The design of the website is very similar to the design of the Czech Post website. However, most of the links on the page do not work, and if the user clicks on them, they will receive an error message 404. Some links, on the other hand, redirect the user to the real Czech Post website.
The main content of fraudulent sites is the form for entering payment card details. After entering this data, the user will see an animation that mimics data processing. Then a new form will be loaded on the page for entering the verification code from the sent SMS.
Similar fraudulent e-mail campaigns abusing Czech Post or some banks have appeared several times in the past. At the beginning of this year, for example, a false request from the Czech Post requested that an arrears be sent or that a file be removed from the attachment and personal data be filled in.
– .
