The National CERT warns all citizens that an SMS phishing campaign is currently underway, which is misusing the name of the PE ''Post of Serbia'' (JP "Pošta Srbije").

Users are sent an SMS message stating that their package could not be delivered due to incomplete address information and that in order to deliver the package, they need to open a link in the message and update their address information.

By clicking on the link, citizens are redirected to a fake website of the Post of Serbia, which requires the entry of personal and payment card information. By entering this information on the fake website, attackers are enabled to withdraw money from citizens' accounts.

The increased volume of purchases due to current seasonal discounts and the increasing popularity of e-commerce applications may also lead to an increase in fraud targeting postal service users.

The National CERT recommends that citizens not click on links in messages received from unknown senders, to use official channels for tracking shipments, and to report an incident if they have been scammed.

In addition, in order to improve the level of security for online purchases, a general recommendation for users is to pay using a special internet card, which is intended exclusively for online payments. In this way, users limit access to the funds available on that card and prevent attackers from taking over the funds that users have in their dinar or foreign currency accounts.