Current attempted frauds
Malware & Phishing

Fake e-mails and SMS

Here’s how to recognize the current fake e-mails:

Fraudulent SMS with title “Parcel held in terminal” or similar message
An increasing number of SMSs with titles such as “Parcel held in terminal” are being circulated. These messages request payment of a charge/fee. The link in the SMS points to a fraudulent website which uses the Swiss Post layout but is not part of the Swiss Post portal. Swiss Post does not send any SMSs containing payment requests.

Supposed parcel delivery
The poorly written e-mail refers to a supposed parcel delivery, and indicates a correct postal delivery address (street/No.) Although Swiss Post is given as the sender, the e-mail address is not an official Swiss Post address.

Fake e-mails and SMS containing requests to update personal information (password, credit card, etc.) 
The sometimes deceptive, genuine-looking messages ask customers to update personal information such as their password or credit card details. Each of these messages contains a link to a website which does not belong to the Swiss Post portal. This can be recognized by the embedded link not ending with post.ch, poste.ch, posta.ch, swisspost.ch or swisspost.com.

Fake e-mails and SMS containing the message “Unread messages”
These messages suggest that the customer has received unread messages from Swiss Post. Swiss Post does not send such messages. Each of these messages contains a link to a website which does not belong to the Swiss Post portal. This can be recognized by the embedded link not ending with post.ch, poste.ch, posta.ch, swisspost.ch or swisspost.com.

Fake e-mails and SMS with “failed delivery attempt”
There are increasingly more e-mails and SMS circulating that claim to be a failed delivery attempt. Please be sure to check whether the sender’s e-mail address really originates from Swiss Post. Swiss Post never requires a clear to send (CTS) signal or a special barcode for further delivery.

Fake e-mails and SMS with an SMS code
The message indicates that a parcel is ready for the customer to collect from a post office and requests confirmation by SMS to the number 41414, followed by an e-mail to service-code@swisspost.ch.

Fake e-mail and SMS with 0901-... number
The message requests the recipient to call an 0901 number, which does not lead to Swiss Post. In addition, the sender address as well the e-mail address given in the mail and the other content have nothing to do with Swiss Post.

Sender “Swiss Post mg@...”
Certain mails with the subject “Track consignments” originating from the sender addresses mentioned above contain a link to an a supposed “shipping label”. The mails and links hide an infected server which infects PCs with malware in order to access data.

Sender “die-post@pakete-inland.info”
In these cases, the fraudsters use falsified sales advertisements on Swiss advertising platforms and demand that the desired items are paid for in advance using scanned gift certificates. The mails partially contain real data and invite the recipients to send personal payment data. Please note: Swiss Post never requests its customers to send personal payment data. In the e-mail itself, you will see a mix of various delivery organizations.

Invoice amount in the subject line
Other e-mails refer to an invoice or an outstanding payment, the amount of which is also usually mentioned in the subject line (e.g. Swisspost.ch invoice CHF 666). The mails also include a harmful attachment (a docx file) containing malware. You should never open such attachments and should delete the e-mail immediately.

The falsification of e-mail sender addresses is often used for the attempted dissemination of malware. In the short term, Swiss Post is unfortunately unable to do anything to prevent such e-mails being sent, apart from issuing warnings. Any recipients receiving such e-mails are requested to delete the messages and not to open the attachments under any circumstances. If the attachment has been opened, we recommend checking the affected system for any malware attacks with up-to-date antivirus software.