False Delivery Notice: A New Smishing Campaign Targets Poste Italiane Users

Summary:

A new smishing campaign impersonating Poste Italiane has been identified, aiming to steal personal and financial data from victims through fraudulent SMS messages.

Key points:

  • Users receive an SMS about a delivery issue, supposedly from Poste Italiane.
  • Clicking the link leads to a fraudulent website mimicking the official Poste Italiane site.
  • Victims are prompted to provide personal and financial information.
  • Users are advised to verify the source of messages and report suspicious communications.

MITRE Techniques:

  • Phishing (T1566): Using SMS to lure victims into providing personal information.
  • Credential Dumping (T1003): Collecting sensitive information such as credit card details.

Indicators of Compromise:

  • [others ioc] malware@cert-agid.gov.it
  • Check the article for all found IoCs

12/18/2024

A new smishing campaign, using SMS messages seemingly sent by Poste Italiane, has been identified today by CERT-AGID. This campaign aims to steal personal and financial data from victims.

The dynamics of the attack

Users targeted by the campaign receive an SMS informing them of a supposed problem with the delivery of a package. By following the link in the message, victims are redirected to a fraudulent website designed to mimic the official Poste Italiane site.

Here they are prompted to provide personal information, including first and last name, address, phone number, and email, under the pretext of resolving the delivery issue.

After the first form is filled out, the site requests credit card information under the false pretext of a charge for the new delivery attempt.

Recommendations

CERT-AGID recommends that users pay close attention to suspicious messages and adopt the following precautions:

  1. Carefully verify the source of messages: be wary of communications that request personal information via links.
  2. Check that you are on the official platform of the entity, carefully verifying the URL in the browser and ensuring it has the official domain of the organization.
  3. Report suspicious messages: forward dubious communications to CERT-AGID at the address malware@cert-agid.gov.it
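
The URL check in recommendation 2 can be automated when triaging reported messages. The sketch below is an added example, not part of the CERT-AGID advisory: it extracts links from an SMS body and accepts a link only if its real host is the official domain or a subdomain of it. It assumes poste.it is the official domain (the advisory does not name it); the sample messages and the .example hosts are constructed.

```python
import re
from urllib.parse import urlsplit

# Assumption: poste.it is the official domain; the advisory does not name it.
OFFICIAL_DOMAINS = frozenset({"poste.it"})
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def is_official_host(url, official=OFFICIAL_DOMAINS):
    """True only if the host the browser will contact is an official domain
    or a subdomain of one."""
    if "\\" in url:
        # Browsers read '\' as '/', urlsplit does not: refuse the ambiguity.
        return False
    try:
        # .hostname drops any "user@" prefix and the port, and lowercases.
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:          # malformed authority, e.g. broken IPv6 literal
        return False
    # Compare whole labels: "x.poste.it" matches, "fakeposte.it" does not.
    return any(host == d or host.endswith("." + d) for d in official)

def triage_sms(text, official=OFFICIAL_DOMAINS):
    """Return (url, verdict) for every link found in an SMS body."""
    verdicts = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;:!?)")     # trailing sentence punctuation
        ok = is_official_host(url, official)
        verdicts.append((url, "official" if ok else "suspicious"))
    return verdicts

# Constructed sample messages (not taken from the campaign).
SAMPLE_SMS = [
    "Poste: your parcel is on hold. Update here: https://poste.it.delivery-check.example/track",
    "Poste: delivery failed, confirm address at https://poste.it@delivery-check.example/it.",
    "Track your shipment at https://www.poste.it/cerca/index.html",
]

if __name__ == "__main__":
    for sms in SAMPLE_SMS:
        for url, verdict in triage_sms(sms):
            print(f"{verdict:10} {url}")
```

The first two sample links contain the official name but resolve to a different host, so only the third is accepted.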

Indicators of Compromise

The IoCs related to this campaign have already been shared with organizations accredited to the IoC feed of CERT-AGID.

Full Research: https://cert-agid.gov.it/news/falso-avviso-di-consegna-una-nuova-campagna-di-smishing-colpisce-gli-utenti-di-poste-italiane/