A simple letter delivered by the postman can hide a digital insidia. The so -called “Postman scam” Take advantage of the QR code to spread a malware capable of stealing Sensitive data, including bank credentials. After being reported in Switzerland, this fraud is also taking hold in Italy. Here’s how to recognize it and protect yourself.
Receive paper communication from a reliable body, such as Italian post office Or a government institution, does not arouse suspicion. It is precisely on this that the scammers leverage: they send letters containing a QR code apparently harmless, inviting the recipient to download an application for public utility services, such as Weather alerts or civil protection notifications.
The problem? That QR code redirects to download an app infected with malwaredesigned for intercept and steal bank data and access credentials. This type of computer attack is known how Quishing (QR Phishing) And exploit the widespread diffusion of the QR Code, which have now become common tools in daily life.
From Switzerland to Italy: the malware that empties the current accounts
The alarm was launched for the first time in Swisswhere many citizens have received apparently sent letters from Meteoswiss and from Federal Office for Civil Protection (Focp). By scanning the QR code in the document, the victims were aimed at downloading an app call Severe Weather Warning Appin reality a bait to install the Coves Malware (also known as Octo2).
This malicious software, once installed on devices Androidmasks from official application and succeeds in intercept sensitive data from over 380 appsincluding those of Home Bankingallowing the cybercriminals to access the current accounts of the victims.
Also in Italy similar cases are emerging: Fraudolent QR code were found on paper letters, stickers in parking lots and even in SMS and fake emails sent on behalf of banking institutions. The scammers clon the QR code of payment services and bank portals, pushing users to insert their credentials on web pages identical to the original onesbut managed by criminals.
How to protect yourself from the QR code scam
Faced with this threat, prevention is fundamental. Here are some useful tips not to fall victim to the Postman scam:
What to do if you have been scammed
If you have scanned a suspicious QR code and installed a malicious app, it’s important act quickly:
- Uninstall the suspected app now.
- Restore the phone to the factory settings to eliminate malware.
- Change all the access credentials to banking and sensitive services.
- Immediately report the incident to the postal police or to the competent authorities.
Scammers are refining their techniques, taking advantage of our trust in technology. Being informed and cautious is the first step to protect yourself from these attacks. .