The Internet Security Office warns of a massive fraud campaign that impersonates The Post Office

A massive fraud campaign, purporting to be the Post Office, is contacting people via text messages. The message advises of the arrival of a package and invites you to click on a link to confirm receipt. 

The SMS comes from a Spanish mobile number, and the objective is for the user to download a supposedly malicious delivery tracking application which would then download Trojans to steal bank details.

Given this, the Security Office makes the following recommendations: 

Affected Resources

Users who have received the message and downloaded the malicious application on their device.


If you have been a victim, you have received an SMS impersonating Correos and you have downloaded the malicious application, it is possible that your device has been infected, therefore you must delete the application and scan it with an updated antivirus.

If, on the other hand, you have received this SMS but you have not downloaded the malicious application, you simply have to delete the message from your inbox so as not to install it by mistake and go to your file manager where you will find the .apk file that downloads the application and delete it.

They also want to remind you of the importance of having backup copies of your devices and making new ones periodically, so that if a situation like this occurs you do not lose the information or the content within your device.

Of course, they recommend that you always keep your devices updated and protected with an antivirus.

If you need support or assistance to eliminate malware, INCIBE offers you its Response and support service for security incidents.

Finally, you can always report this situation to the State Security Forces and Bodies (FCSE) and if you need more information, you can call the INCIBE Cybersecurity Help Line, 017, free and confidential.