The National CERT of the Republic of Serbia wishes to inform the public that a new SMS phishing campaign against users of postal services is under way. A fraudulent SMS is sent to the user, saying that a parcel supposedly could not be delivered to them due to an unpaid customs fee, asking them to open the link contained in the text message in order to retrieve their parcel. Fake links currently in circulation are: https://rs-posta.com, https://rs-posta.net, https://posta-serbia.com and https://posta-srbija.com.
The link from the text message leads to a fake page where the user is asked to fill in their bank or credit card details, which ultimately enables the attackers to clear the victim’s bank account.
The PE „Post of Serbia“ reminds the public that this is not how this company communicates with its users, therefore extra attention is warranted.
This is how the PE „Post of Serbia“ legitimate page looks like:
The National CERT urges all users who have possibly received such SMS neither to open the link contained therein, nor to disclose their personal data, but to delete such text messages permanently.
On the National CERT’s website, several publications about these threats have been made available, including the way current phishing campaigns are being carried out. In addition, our platform „For a Safer Click“ contains interactive content about various cybersecurity topics.
The above fraud can be reported to the „Post of Serbia“ via the official contact center telephone numbers 0700 100 300 and 011 3607 788, on business days from 8h to 20h and on weekends from 8h to 15h, as well as to the National CERT.