Posti is being used as a fake sender of phishing messages - ignore them and do not click on any suspicious links; also see the instructions issued by the police (updated on April 23)

25.03.2020

There is an increasing number of different phishing messages circulating, and Posti is sometimes used as the fake sender. The latest phishing messages are written in good Finnish and, largely, they look very convincing. The messages may even include Posti's logo. Posti is cooperating with the police to combat these fake messages.

Most of the time, the phishing messages are either SMS or email messages. The contents of the phishing messages vary, but often they pretend to notify the recipient of the arrival of an item, a prize they have won or an unpaid delivery charge.

A fake SMS message may appear in the same message thread as authentic notices of arrival, as if it were sent by the same sender.

 

There are currently in circulation fake messages regarding a sent or received parcel

For example, the current phishing messages sent in Posti's name relate to a sent or received parcel. The SMS asks the recipient to open a link and pay a fee of a few euros. The link is used to phish for your credit card details. According to the police instructions:

- Do not open the link and provide your card details.

- If you did give your card or online banking details, immediately contact your bank and then report the issue to the police.

For more information, see the Police of Finland website:

- The ‘Turvaa selustasi verkossa' (‘Protect your back online') campaign reminds people of the hazards of cyberscams

- Phishing SMS messages

 

Scammers usually send out phishing messages using the name of a recognized company as the sender

For further information regarding online scams or to get help with identifying phishing messages, see the websites below (in Finnish).

 

The Finnish Competition and Consumer Authority (FCCA):

- Huijaukset ja tilausansat

- huijausinfo.fi

 

Traficom:

- Näin suojaudut nettihuijaukselta

- Huolehdi tietoturvasta - ole turvalisti!

 

Important general instructions regarding phishing messages concerning Posti

- You should not open a phishing message. You should never give your personal, bank or user information unless you are absolutely certain about the sender. Delete the message without opening it.

- If you are suspicious about the authenticity of a notification received from Posti, you can verify it by checking it against the item ID in item tracking.

- If you encounter a suspicious message, do not take any of the measures requested or required by the message, and do not respond to an email message.

- Posti's authentic notices of arrival include the pickup location and its address, and they do not prompt the recipient to provide any additional information. When it comes to Cash on Delivery items, the notifications sent by Posti include a link to the COD payment. The COD must be paid before the item's recipient receives a locker code for the item.

- You can track your parcels via the OmaPosti application or on our website at posti.fi.

- Currently, Posti does not have a campaign where you can win something or get a discount.