«Nova Poshta» has reported that cybercriminals have conducted a phishing attack using the company’s brand. Fraudsters are sending fake messages to Ukrainians about alleged debts to «Nova Poshta». The company claims that these letters have nothing to do with it.
Attackers use trust in well-known brands and manipulate sensitive information — in this case, claiming debt. The letter states that the recipient has a debt to LLC «Nova Poshta». There is also a warning that if the recipient does not repay the debt by December 27, 2024, «we will be forced to go to court» to collect the debt in court. The attachment to the letter contains an «updated invoice for payment of services».
.
After analyzing the phishing activity, cybersecurity experts at «Nova Poshta» recommend the following to all users who have tried to open attachments in these emails:
- Install an antivirus program (with an up-to-date database) and perform a full scan of your device for malware.
- Completely reinstall the operating system to eliminate potentially hidden threats if malware is detected during the scan or if there is a suspicion of system compromise.
It is noted that these actions are necessary to protect user data and prevent further risks.
The company’s cybersecurity unit is already working on blocking the network of servers from which the mailings are sent.
It is worth recalling the standard rules of cybersecurity:
- Check the sender’s address. Original emails from «Nova Poshta» and other well-known companies come only from official domains. Pay attention to suspicious spelling changes.
- Do not open emails from unfamiliar senders or click on links.
- If you opened the email or attachment — immediately change your account passwords and check to see if you have any other active sessions. If suspicious activity is detected, terminate all unknown sessions through your account security settings.
- Enable two-factor authentication for your email to protect your account from unauthorized access.
- If you receive such an email — move it to spam and delete it. This will help reduce the risk of repeat emails and protect other users.
Spelling error report
The following text will be sent to our editors: