Fake Ceska Posta page in Czech detected

Posted byAnti-phishing Leave a comment on Fake Ceska Posta page in Czech detected

Incident Report: This spoofed page was detected, analyzed, and contained firsthand by the Antiphishing.biz security team during our automated link scanning workflows. To protect the public, the phishing source domain has been completely disabled within our infrastructure. We document and analyze these live visual patterns to help security researchers and users recognize deceptive clone designs before financial damage occurs.

Actual screenshot of "Fake Ceska Posta page in Czech detected" phishing interface captured during link moderation on our platform.
Figure 1: Visual proof of the ongoing fraudulent campaign intercepted by our security systems.

This screenshot shows a phishing page impersonating Česká pošta (Czech Post) , targeting Czech‑speaking users. The scam uses a small delivery fee (38 CZK) as a pretext to harvest personal information and full credit card details.

Threat Analysis: Česká Pošta Phishing – Personal Info & Card Harvesting

How it works:
The victim receives an SMS, email, or messaging app alert claiming a package requires a small delivery fee to be released. The link leads to this page, which mimics the official Česká pošta interface. The victim is asked to provide:

  • Personal details: first name, surname, street address, city, postal code, phone number
  • Payment details: cardholder name, full card number, expiration date (MM/YYYY), CVV

A fake tracking number and a total of 38 CZK are displayed to make the request appear legitimate.

The goal:
The attacker collects:

  • Personal identity information (name, address, phone) for identity theft or further scams
  • Full credit/debit card details (number, expiry, CVV) to make fraudulent purchases or sell the data

Red flags to watch for:

  • Suspicious URL: The page is hosted on a domain that is not ceskaposta.cz. Legitimate Czech Post services use only official domains.
  • Request for CVV for a small fee: A legitimate postal service never asks for your card security code to collect a delivery fee.
  • Small fee trick: 38 CZK is a trivial amount intended to lower suspicion.
  • Fake tracking number: The tracking code cannot be verified on the official Česká pošta website.
  • No personalization: The page does not reference a genuine package or address the victim by name.
  • Copied branding: The page uses the Česká pošta logo and layout, but these are copied from the real site.

What to do if you encounter this:

  • Do not enter any personal or card information.
  • If you are expecting a package, track it directly by typing ceskaposta.cz into your browser and using your real tracking number.
  • If you have already entered card details, contact your bank immediately to block the card and dispute any unauthorized charges.
  • Report the phishing page to Česká pošta and to the relevant authorities.

Protective measures:

  • Never click links in unsolicited delivery messages. Always go directly to the official courier website.
  • Never pay a “redelivery fee” via a link. Legitimate fees are handled in person, through the official app, or after logging into your account on the official site.
  • Check the URL carefully: Legitimate Česká pošta domains end with ceskaposta.cz. Look for misspellings, extra words, or unusual top‑level domains.
  • Enable transaction alerts on your bank account to catch unauthorized charges early.

Leave a comment

Your email address will not be published. Required fields are marked *