FacebookTwitterLinkedIn

Avoid being scammed by "International promotion of postal services"

Also Known As: International promotion of postal services phishing scam
Damage level: Medium

What is "International promotion of postal services"?

"International promotion of postal services" is a scam proliferated by deceptive/scam sites. It operates by congratulating visitors that they have been chosen by Company Control Service and "the international share of postal services" as one of several hundred annual "Happy e-mail" winners.

Users are notified that their email inboxes were chosen and that they have consequently won a monetary prize. These scams use social engineering tactics to fool users into revealing their personal and banking information. Rather than receiving any prizes, users experience financial loss.

Typically, web pages hosting these scams are accessed via redirects caused by intrusive advertisements or Potentially Unwanted Applications (PUAs) already infiltrated into the device.

alt

The "International promotion of postal services" scheme claims that users can win up to twenty thousand euros by devoting a mere five minutes to answering several questions. Further into the message, it is stated that the sum can range anywhere between ten and twenty thousand euros.

Users are urged to click the button 'displayed below' and answer a few questions, prior to their winning amount being determined. This button leads to a quick multi-choice survey, involving various email-related queries. Users are then led to an online chat, allegedly with the "Golden Email" stock manager.

In this "conversation", users are thanked for answering the questions. They are asked whether they are ready to find out the size of their winnings and have it transferred to their banking account/card.

The chat provides more information about the "International promotion of postal services" - supposedly, the largest postal services have merged and promotion has begun in United States, Europe, Asia and other, unspecified countries. This "promotion" has a budget of two million euros, which is to be distributed between different counties and randomly selected users.

After a button is clicked, which determines the prize sum, users are presented with the figure and urged to click "Go to payment". This web page informs users that, to transfer the prize, it is necessary to pay a 'confirmation fee' in order to verify payment details.

This fee is twenty-five euros and, once paid, users are assured that it will be returned within twelve hours. It is claimed that, with this payment, the user's identity will be confirmed and stored for the purpose of future transfers.

Additionally, whether the bank account card supports euros or not is irrelevant, as any currency will be automatically converted (and this process is allegedly free). This procedure is stated to be mandatory for all participants.

If users are tricked into complying to these conditions, they are redirected to a different website from where the transaction (the "confirmation payment") can be made. After this fee is paid, however, users do not receive the promised prize. They are scammed: lose their money and receive nothing in return.

"International promotion of postal services" and other, similar prize announcements (which seem too good to be true) are scams. Trusting them is a certain way to financial loss and infringement of personal privacy.

PUAs are one of the primary causes of access to deceptive websites. These rogue applications can force-open sale-oriented, untrustworthy, compromised, deceptive/scam and even malicious web pages. Some of these apps can run intrusive advertisement campaigns.

I.e. deliver various undesirable and harmful ads. The delivered ads are not only responsible for diminished browsing experience, but they can also cause redirects to dangerous sites and stealthily download/install content (e.g. PUAs). Other unwanted applications can hijack browsers (make unauthorized changes to settings) and promote fake search engines.

Commonly, PUAs have data tracking abilities. They record users' browsing history (URLs visited, search queries typed, etc.) and gather personal information (IP addresses, geolocations and other details). Therefore, PUAs can lead to browser/system infiltration and infections, financial loss, serious privacy issues, and even identity theft.

To protect your devices and privacy, remove all dubious apps and browser extensions/plug-ins immediately.

Threat Summary:
Name International promotion of postal services phishing scam
Threat Type Phishing, Scam, Social Engineering, Fraud.
Fake Claim Scam claims users have won an award, due to their email inbox being randomly chosen.
Detection Names Forcepoint ThreatSeeker (Suspicious), Full List Of Detections (VirusTotal).
Serving IP Address 198.54.116.113
Symptoms Fake error messages, fake system warnings, pop-up errors, hoax computer scan.
Distribution methods Compromised websites, rogue online pop-up ads, potentially unwanted applications.
Damage Loss of sensitive private information, monetary loss, identity theft, possible malware infections.
Malware Removal (Windows)

To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
▼ Download Combo Cleaner
To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

"Like Of The Year", "You Are Our Winner Today!", "Attention Your Computer Has Been Infected", and Adobe Flash Player Update are just some examples of other scams amongst thousands present on the internet. Typical scam methods include social engineering and scare tactics.

For example, users might be congratulated for winning a prize, receive 'incredible' offers, or be warned of threats/issues present on the system. Note that the latter is impossible, as no website can detect problems within devices. The only purpose of deceptive/scam sites is to generate revenue for their developers.

This can be done various ways, such as by tricking users into making monetary transactions, or downloading, installing, or purchasing untrustworthy software or updaters, and other means. You are expressly advised against trusting these web pages or following their recommendations.

How did potentially unwanted applications install on my computer?

PUAs are primarily spread through download/installation set-ups of other software. This deceptive marketing technique of packing regular programs with unwanted or malicious content is called "bundling". Rushing download/install processes (e.g. skipping steps and sections, etc.) increases the risk of potential system infiltration and infections.

Some PUAs have "official" download web pages. When clicked, intrusive ads can execute scripts designed to download/install PUAs, without users' permission.

How to avoid installation of potentially unwanted applications

Users should research content, prior to downloading/installing. Use only official and verified download sources. Peer-to-Peer sharing networks (BitTorrent, eMule, Gnutella, etc.), free file-hosting websites and other third party downloaders are untrustworthy and should be avoided.

Treat download/Installation processes with caution. Read the terms, study all available options, use the "Custom/Advanced" settings, and opt-out of supplementary apps, tools, functions, etc. Intrusive ads usually seem normal and innocuous, however, they can redirect to rogue pages (e.g. gambling, pornography, adult-dating and others).

If you encounter ads/redirects of this kind, inspect the device and immediately remove all suspicious applications and/or browser extensions/plug-ins. If your computer is already infected with PUAs, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate them.

Text initially presented in the "International promotion of postal services" scam:

International promotion of postal services
Get up to 20,000 euro!
devoting just 5 minutes to our questions!
SPECIAL DETAILS
Company Control Service, together with the international share of postal services, conducts an annual share "Happy e-mail"
If you are on this page, then your email inbox was chosen among several hundred lucky people who had a chance to win a cash prize.
The amount of your winnings can be from 10 to 20,000 euro
Before determining the amount of your winnings, you need to answer a few questions. To get started, click on the button below. 

Appearance of "International promotion of postal services" scam (GIF):

alt

Screenshots of "International promotion of postal services" scam online chat:

alt alt

Text presented in this chat:

Hello !
My name is Sofia, I am a stock manager "Golden Email". Thank you for answering our questions. Tell me are you ready right now to find out the amount of your winnings and go on to pay it to your account or bank card?


I'll tell you a little about the action. Most recently, the largest postal services have merged and started the introduction of this promotion in the United States, Europe, Asia and other countries. The budget of this promotion is 2,000,000 euro, these funds will be distributed between different countries, completely different users, whose mailing address will randomly be included in the lists of participants.
I am sincerely happy for you, and congratulations on participating in our action!

Screenshot of page displayed after the chat:

alt

Text displayed in this page:

International promotion of postal services
Congratulations!
Your payout is:
€12 628
The amount of your winnings was: 12 628 евро
Go to payment

Screenshot of page displayed after the "Go to payment" button is pressed:

alt

Text presented in this page:

International promotion of postal services
Your payout is:

€12 628

To transfer the winnings to your account, you need to make a payment confirming your payment details. The money transfer system will remove a small amount of € 25 from your card/e-wallet. With this payment, your identity will be confirmed, and your card/e-wallet will be saved for future transfers. The withdrawn amount will be automatically returned to your card/e-wallet within 12 hours.

ATTENTION!
If your account does not support euro. Then the amount of your fee will be automatically converted into the currency of your account.
Conversion in the transaction process is free.

The cost of the confirmation payment will be - € 25
This procedure is obligatory in our system and all participants pass it.

Pay confirming payment and withdraw funds

Screenshot of website for paying the fake "confirmation payment":

alt

Text presented in this page:

Payment destination:

CONFIRMATION PAYMENT

Your information


Your name

Your e-mail
Payment method
To pay: 25.00 EUR

We only accept payments with 3D Secure!
We are processing only Mastercard.
Go to pay

Second step of the transaction:

alt

Text presented in this page:

Enter payment card information
Visa, MasterCard
Amount
25 EUR
Holder Name:
Card Number:
Expiry Date:
Card verification code
3 digits on the back of the card

Support for buyers
Pay
Payments protected by PCI DSS 3.2

Instant automatic malware removal: Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.

Quick menu:

How to identify a pop-up scam?

Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.

While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.

Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:

  • Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
  • Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
  • Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
  • Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
  • Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.

Example of a pop-up scam:

Example of a pop-up scam

How do pop-up scams work?

Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.

Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.

How to remove fake pop-ups?

In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.

In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.

How to prevent fake pop-ups?

To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.

To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.

What to do if you fell for a pop-up scam?

This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.

  • If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
  • If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
  • If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
  • Help other Internet users: report Internet scams to Federal Trade Commission.

▼ Show Discussion

About the author:

Tomas Meskauskas

Tomas Meskauskas - expert security researcher, professional malware analyst.

I am passionate about computer security and technology. I have an experience of over 10 years working in various companies related to computer technical issue solving and Internet security. I have been working as an author and editor for pcrisk.com since 2010. Follow me on Twitter and LinkedIn to stay informed about the latest online security threats. Contact Tomas Meskauskas.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Removal Instructions in other languages
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

QR Code
International promotion of postal services phishing scam QR code
Scan this QR code to have an easy access removal guide of International promotion of postal services phishing scam on your mobile device.
We Recommend:

Get rid of Windows malware infections today:

▼ REMOVE IT NOW
Download Combo Cleaner

Platform: Windows

Editors' Rating for Combo Cleaner:
Editors ratingOutstanding!

[Back to Top]

To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.