
Inactive SPID scam, the “perfect” email that deceives: how to defend yourself

More and more attacks imitate the Italian Post Office without errors or urgency: how to recognize phishing before it’s too late

Clear subject, reassuring tone, graphics identical to the official ones: «Your Poste Italiane SPID has been suspended: reactivate it now». This is what one of the most insidious phishing campaigns of recent months looks like. SPID-related attacks are on the increase, because cybercriminals increasingly focus on widespread and recognizable digital services, exploiting user trust. But you can defend yourself, keeping in mind that today, more than ever, a “perfect” email can be the most dangerous one. It is also important to remember that Poste Italiane, in its official communications, reiterates a fundamental principle: it never requests sensitive data such as credentials, PINs, OTP codes or card information via email, SMS, telephone or social media, nor does it invite you to carry out operations to “solve security problems”.

Inactive SPID scam: how it works and why it is dangerous

Unlike traditional scams, the email that simulates an official communication from Poste Italiane does not use aggressive and urgent tones, nor does it contain obvious errors. The message calmly explains that the annual SPID fee has not been paid and offers two solutions: go to a post office or click on a link to quickly resolve the problem. It is precisely this apparent normality that makes it dangerous. The user does not perceive urgency or threat and lowers their defenses, falling into the trap more easily. The objective of the cybercriminals is twofold: on the one hand to steal the access credentials for the digital identity, on the other to access Postepay accounts and cards, among the most widespread in Italy.

Alongside the fake SPID block scam, variations are circulating: emails that simulate communications from Poste Italiane about a “new telegram” complete with identification code, the activation of non-existent services such as the «Postepay Web System», and requests for data updates via perfectly imitated forms. In all cases, the mechanism is identical: convince the user to click on a link and enter their data on a clone page, visually indistinguishable from the real one.

How to recognize a fake email: the crucial checks

But even if the emails are “perfect”, they always leave traces, and a few seconds are enough to avoid serious consequences. The first check is always the sender. You shouldn’t stop at the display name, but check the complete address. An email like (email protected) may seem plausible, but it is not authentic: official communications only arrive from @posteitaliane.it domains. The second check is to verify the link without clicking. By hovering the cursor over it, you can read the real address: if it does not contain clear references to the official website (poste.it), it is very likely that it is phishing. Finally, the safest verification is the direct one: access the official Poste ID app or the site by manually typing the address into the browser. If there are no anomalies, the email is fake.
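The first two checks above (complete sender address, real link target) as an added Python example; it is not code from the article or from Poste Italiane. The sample message, its `.example` hosts and the local part `assistenza` are constructed, and exact suffix matching against the two domains the article names is an assumption about how to apply its rule.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

SENDER_DOMAIN = "posteitaliane.it"  # sender domain named in the article
SITE_DOMAIN = "poste.it"            # official site named in the article

def in_domain(host, domain):
    """True only for the domain itself or a real subdomain, never a look-alike."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collects every <a href>, i.e. the address that hovering would reveal."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def check_message(raw):
    """Return a list of findings; an empty list means both checks passed."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    _display, addr = parseaddr(str(msg.get("From", "")))  # ignore display name
    if not in_domain(addr.rpartition("@")[2], SENDER_DOMAIN):
        findings.append(f"sender {addr!r} is not @{SENDER_DOMAIN}")
    html = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(html.get_content() if html is not None else "")
    for href in collector.hrefs:
        # Judge the href, not the visible link text, which can show anything.
        if not in_domain(urlsplit(href).hostname, SITE_DOMAIN):
            findings.append(f"link {href!r} does not lead to {SITE_DOMAIN}")
    return findings

# Constructed sample: the official names appear only as look-alike prefixes.
SAMPLE = """\
From: "Poste Italiane" <assistenza@posteitaliane.it.account-verify.example>
Subject: Your Poste Italiane SPID has been suspended
Content-Type: text/html; charset="utf-8"

<a href="https://poste.it.spid-renew.example/login">https://www.poste.it/</a>
<a href="https://www.poste.it/">Poste Italiane</a>
"""

if __name__ == "__main__":
    print("\n".join(check_message(SAMPLE)))
```

An empty result does not prove the message is genuine, because the From header can be forged; the direct verification through the official app or a manually typed address remains the decisive check.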

How to really protect yourself from phishing

In general, to defend against phishing, the first rule is simple: don’t act on impulse. Scams work precisely because they encourage you to react quickly. It is always advisable to avoid clicking on links contained in suspicious emails and not to download any attachments. To access the services, it is better to manually type the official address, or use certified apps. If you have any doubts, it is useful to contact customer service directly, or report the suspicious email to the dedicated address (email protected), thus helping to combat the spread of these campaigns. And remember: it’s not just email. Scam attempts can also come via phone calls, SMS or social networks, where fake profiles try to establish direct contact with victims.