A phishing scam targeting Swiss Post users involves fake messages claiming a “Delivery Exception” to harvest personal information and credit card data. These fraudulent sites often use lookalike domains like “suisse-post.net” and urge victims to pay a small “fee” via SMS links. Protecting oneself involves checking tracking numbers exclusively on the official post.ch website and utilizing the official “Post-App” to verify any package issues.
Threat Intel: This deceptive layout was intercepted, verified, and locked down firsthand by the
Antiphishing.bizsecurity team during our standard URL vetting operations. To protect the public, the phishing source domain has been fully defanged within our infrastructure. We document and analyze these live visual patterns to help security researchers and users detect replica fraud techniques before financial damage occurs.
Target: Residents and Businesses in Switzerland
Threat Level: High (Credit Card Skimming & Identity Theft)
Phishing Method Description
This attack uses a “Package Delivery Failure” pretext. Victims receive an SMS (Smishing) or Email claiming that a package is held at a distribution center due to “missing information” or an “unpaid customs fee” (usually a small amount like 1.95 CHF).
The link leads to a pixel-perfect clone of the official Swiss Post (Post CH AG) tracking portal. The goal is to create a low-friction environment where the victim feels safe entering their financial data for a “minor” payment. The fake site harvests:
Full Name and Address
Mobile Phone Number
Credit/Debit Card Number
Expiration Date and CVV
SMS 3D-Secure Code (intercepted in real-time to authorize a much larger fraudulent transaction).
Red Flags to Watch For
Deceptive Domain: The official domain is post.ch. Phishing sites use lookalikes like swiss-post-delivery.com, post-ch-tracking.net, shipping-verify.xyz, or free hosting services.
Payment for Redelivery: Swiss Post rarely asks for a small credit card payment via SMS to complete a delivery. If there is a fee, it is usually handled through your official “My Post” account or paid upon delivery.
Urgency & Threat: Messages like “Your package will be returned to the sender in 24 hours” are designed to make you act impulsively.
How to Protect Yourself
Use the Official App: Track your parcels only through the official Post-App (available on App Store/Google Play). If there’s a real issue with a package, it will be visible there.
Check the Tracking Number: Copy the tracking number from the message and manually paste it into the official www.post.ch website. If the number is “not found,” the message is a scam.
Verify the Sender: Official Swiss Post SMS alerts usually don’t contain links to payment pages. If the link looks strange or the sender is a standard mobile number (often with a non-Swiss prefix), delete it.
Zero Trust for Small Fees: Never enter your card details to pay a “small fee” for a package you weren’t expecting to have customs issues with.