The National CERT warns all citizens that the phishing campaign misusing the name of the PE ''Post of Serbia'' is currently underway again. The increased volume of purchases due to current seasonal discounts and the increasing popularity of e-commerce applications may also lead to an increase in fraud targeting postal service users.

Users are sent an SMS message stating that their package could not be delivered due to incomplete address information and that in order to deliver the package, they need to open a link in the message, update their address information and pay 200 RSD.

By clicking on the link, citizens are redirected to a fake website of the Post of Serbia, which requires the entry of personal and payment card information. By entering this information on the fake website, attackers are enabled to withdraw money from citizens' accounts.

The National CERT recommends that citizens not click on links in messages received from unknown senders, but use official channels for tracking shipments, and report an incident if they have been scammed.

In addition, in order to improve the level of security for online purchases, a general recommendation for users is to make their payments via a special internet payment card, intended exclusively for online payments, whereby they will limit access to the funds available on the card and prevent the attackers from emptying their national or foreign currency bank account.