If you have received this scam email from Correos, delete it: it is a phishing campaign to steal your financial data to empty your current account.
Phishing campaigns that impersonate Correos are quite common. Given the rise of e-commerce, which has grown sharper in the new normal, cybercriminals know that users are now more conscious than ever of postal items. For this reason, using the postal company as a hook has a better chance of success than supplanting other companies.
So, if you want to avoid being a victim of phishing, the National Institute of Cybersecurity (INCIBE) has warned of a new scam that you have to be aware of. This is a new campaign that sends a false email supposedly on behalf of Correos. Whose sole objective is to steal your personal and financial data to empty your checking account.
The mechanics of this scam are similar to what we have seen on other occasions. The criminals forward the fraudulent email to the victim, where the message indicates. That the user has a package in their name waiting at the office to be picked up.
The scam email explains that because the package could not be delivered. It is necessary to pay 2.99 euros due to the delay. Since it is a low amount, it seems reasonable that it corresponds to the service’s costs. So the victim is not suspicious and believes it is a real claim.
The message contains a button to request the package’s shipment. That leads to a false page that impersonates Correos’s legitimate website. The design is quite successful, so a priori, the victim does not have to suspect anything.
The form requests the user’s bank card details: name and surname, card number, expiration date, and CVV. Below is an illegitimate page that pretends to be a Redsys payment gateway. Where the victim is asked to enter the password that has arrived by SMS.
If you provide all this information, it will be in the possession of cybercriminals. Who will use it for malicious purposes and could empty your checking account or make purchases on your behalf, to name a few? If you have fallen into the trap, contact your bank as soon as possible to report what has happened and cancel your card.