A new scam uses the name of the Customs and Monopolies Agency to try to steal 75 euros from users, here's how to recognize the phishing email.
The Computer Emergency Response Team of the Agency for Digital Italy (CERT-AGID) has intercepted a new phishing campaign very sneaky and well designed, aimed at stealing 75 euros to unlucky users who bite. The campaign is based on a fake email from the Customs and Monopolies Agency (ADM).
In the email message, sent to tens of thousands of email accounts, in addition to ADM, reference is made to Colissimo, a parcel delivery service of La Poste, the main postal operator in France, equivalent to our Poste Italiane. Questa campagna di phishing, infatti, non è altro che l’adattamento per l’Italia di una campagna già vista in Francia ma l’adattamento è fatto molto bene e con cura. E questo, naturalmente, rende l’email truffa più credibile per l’utente medio e quindi più pericolosa.
Email truffa dell’Agenzia delle Dogane: come riconoscerla
Il messaggio truffaldino è scritto in buon italiano e recita così: “Gentile cliente – Numero di tracciabilità del tuo pacco colissimo N. XXXX spedito il 30/12/2020, per consentire la consegna del pacco i costi IVA vengono fatturati nuovamente dall’importatore“.
Poi il messaggio continua citando una inesistente legge in merito alle tasse doganali e, infine, invita l’utente ad acquistare un codice PIN Paysafecard online da 75 euro e poi inviarlo ad un indirizzo email per ottenere le informazioni su come sdoganare il pacco.
This email is dangerously credible for several reasons: the Christmas holiday period, first of all, during which it is more likely to send and receive parcels; the use of a really existing and foreign brand, which would justify the cost of customs (but, in reality, France is in the EU and therefore there is no customs between France and Italy) and of a non-existent law (but few may know it); the request for payment via Paysafecard.
The sender of the phishing email, moreover, looks legitimate (but is actually masked): [email protected]. Recently, we remember, the scammers had also exploited the name of the Inland Revenue.
Of course it is a scam and with those 75 euros the user who falls for it doesn't unlock any package, but it fills the wallet of the scammers: the payment code is not to be sent to the email address from which the scammed message is received, but to [email protected].
What is Paysafecard
Interesting the choice of Paysafecard as payment method chosen by the fraudsters. It's an online payment service, absolutely legitimate, based on vouchers identified by a 16-digit PIN code.
It's totally independent from a bank account or a credit card: you just have to buy a Paysafecard and send its code to someone to transfer the money practically anonymously.