Have you received an email from Correos? Although a priori it may not seem suspicious, be extremely careful because a new phishing campaign has been detected to impersonate the postal company to empty your bank account.
Correos is one of the favorite hooks for cybercriminals to carry out phishing campaigns. The reason that criminals impersonate the postal company is that, despite the fact that users are increasingly cautious, when the bait is the Post Office there are many people who fall into the trap.
The mechanics of these campaigns are always the same, but they continue to be very effective. The victim receives an email or an SMS that impersonates the postal company. The text warns that the company has not been able to deliver a package on behalf of the victim and, to proceed with its delivery, requests the payment of a small fee, which does not usually exceed 2 euros.
To carry out the payment of this fee, the body of the email or SMS It includes a button or a link that directs to a page that impersonates the official Post Office website.
On this page, the presumed shipping date of the package is indicated and you are invited to pay the costs of the new delivery attempt. The amount may vary and Examples have been seen in which 1.69 euros, 1.79 euros, 1.99 euros and 2.99 euros are requested.
As you can see in the screenshot on these lines, the form to pay the fee does not raise suspicions. Include the supposed shipping code and request the bank card details. By providing this information, the data remains in the hands of criminals, who can use it at will to empty your bank account.
This scam is usually very successful mainly due to two factors. On the one hand, countless people receive packages every day, either from Amazon or from any other online store, so it is not strange to receive a communication from the Post Office. Second, requesting an affordable rate helps the victim to trust himself and not think that he is being deceived.
From Damn.es warn that this scam is circulating again, so be extremely careful not to fall into the trap.
Correos ensures that it never requests amounts by SMS or email, so any message you receive with these characteristics delete it and do not follow the links it includes.