In an e-mail to John Smith (name anonymized), a link refers to a seemingly official page of Swiss Post. But only at first glance. Because the login details for John Smith’s personal account are requested in the e-mail. He responds immediately and deletes the e-mail without clicking on the suspicious website. He took all the right steps.

Suspicious online offers

Cyber-criminals are extremely active at the moment during the coronavirus crisis. They are shamelessly exploiting the fact that lots of people are not sitting at their PC or laptop every day, and are letting their guard down about the Internet and its dangers which means they’re being less attentive. This opens up a point of attack for cyber-criminals. They entice victims with search engine hits on emotive words, such as coronavirus or COVID-19. These hits then lead to seemingly genuine, but actually fraudulent or otherwise dangerous websites. Or they advertise suspicious online offers for protective masks or disinfectants which are then either not delivered, or they seek to obtain the customer’s personal details via the order process (phishing).

The Swiss Confederation’s Reporting and Analysis Centre for Information Assurance (MELANI) has recorded a high number of wide-ranging attacks by cyber-criminals over recent weeks, above all malware/phishing attacks and fake online shops. But you can protect yourself against such attacks by exercising great caution when using personal logins and bank and PostFinance details. 

Operation Security: vigilant Swiss Post

It is not just the Confederation’s Reporting and Analysis Centre for Information Assurance (MELANI) that is reporting more phishing e-mails, malware pages and other cyber-criminal attacks. Operation Security, as part of Swiss Post Information Security and Swiss Post IT, has also adapted its work to the increasing threats. It monitors Swiss Post’s IT infrastructure day and night 24/7 and protects against cyber-attacks. Operation Security has warned the internal customer service departments of attempted attacks against Swiss Post customers. These attacks include fake Federal Office of Public Health warnings and voice phishing or malware accompanied by phone calls.

“We’ve recorded various attempted attacks related to coronavirus and Swiss Post,”  says the Operation Security team, speaking as a whole. It is also supporting the Task Force I on digital security issues during the coronavirus crisis and is keeping the crisis management committee informed of extraordinary threats. 

The spam filters are being continually modified to prevent fraud attempts sent by e-mail from ending up in employees’ mailboxes. In addition, an increasing number of unauthorized network scans for any vulnerable or ad-hoc remote connections to Swiss Post’s network infrastructure were also detected and neutralized. 

“We’re in daily contact with MELANI and other computer emergency response teams. Cooperation with customer service departments and other units is working very smoothly”, adds the Operation Security team.

How to protect yourselves

If you suspect that you have received a fake message (or phone call) on behalf of Swiss Post and would like to clarify the matter, please feel free to contact our Customer Service.

• Swiss Post never asks its customers for personal security elements such as passwords or credit card numbers by e-mail or telephone.

• Genuine “Post CH Ltd – Consignment status info” e-mails are sent by <notifications@swisspost.ch> from our Swiss Post mail servers (not from Bluewin), are DKIM signed and do not contain any XLS attachments.

• Don’t trust unsolicited e-mails. 

• Whenever possible, enter Internet addresses for login areas manually into your Internet browser’s address bar.

• Compare the sender’s name with the e-mail address and the mail that is actually stored. You can this do by hovering the mouse over the e-mail address, or on tablets and smartphones, by holding your finger / touchscreen pen on the link without pressing. Delete all e-mails known to be phishing immediately.

• Use the online security check available from the Swiss Internet Security Alliance (SISA) to make sure your system is not affected by malware.

• Use only reputable and secure online payment service providers to shop online, and don’t enter your credit card details unless you completely trust the retailer. 

• Use secure passwords with a combination of upper case and lower case letters, numbers and special characters.

If you have entered your data on a phishing site, you should change your access or e-mail passwords for Swiss Post services immediately in the Customer Center.

You will need to change login data for other portals such as social networks, auction sites, other payment systems or credit card details directly with each provider.

Report phishing e-mails

In the fight against attempted fraud on the Internet, your help is also needed. By reporting phishing attempts to MELANI, the Confederation’s Reporting and Analysis Centre for Information Assurance, you can help to protect other Internet users. Your report can be used to remove the alleged phishing site more quickly from the network, reducing fraudsters’ chances of success. MELANI operates a special website for this purpose, where phishing site links or phishing e-mails can be reported without comment.