Warning: Mail identity used by cybercriminals

In the virtual environment, most gifts that appear out of nowhere contain unpleasant surprises. The National Directorate of Cyber Security (DNSC) warned that, during this period, numerous reports were analyzed regarding the use of the identity of the Romanian Post in various Scam campaigns. According to DNSC: "The attackers send an SMS that contains a link (short-url) by which they ask the victims to fill in the data necessary to deliver a parcel. Accessing the link redirects the victim to a website that is very similar to the official one of Compania Nationale Poşta Română S.A. , to generate trust and mislead". After accessing the link, you are asked to fill in several forms: in the first form, a fake message is displayed regarding the status of the package and the need to fill in the address for reshipment; in the second form, the personal data and delivery data related to the package are requested; in the third, bank card details, including the CVV/CVC code, are requested for the payment of a small amount. In reality, the card will be charged a higher amount. DNSC draws attention to the fact that, in case of receiving such messages, they should not be followed up and should be reported as soon as possible to the General Directorate of Technical Operations at the address alerts@dnsc.ro or to the emergency number 1911. DNSC also presents some measures prevention, such as: carefully reading the links and the content of the messages, which may contain errors of expression or grammatical mistakes; not accessing links from messages/emails from unknown persons or domains; before entering personal information on a website/application, the persons concerned must ensure that it is a legitimate domain/application. "If you have already entered personal data on such sites/applications, change your passwords immediately," suggests DNSC, which also calls for caution regarding requests for personal and financial information because institutions and companies do not request such information. The National Cyber Security Directorate recommends contacting the bank immediately if such requests have been answered and bank details have been provided.