Security

Safety first

Protect your data with the
InPost Mobile application

General safety rules

The more passwords,
the better

Do not use the same passwords for e-mail and other services. Using a single password may allow criminals who steal it from one page to use it to log into other services.

Send intelligently

When sending files in the form of an attachment try to (depending on their privacy level) protect them with a password. Send the password in a separate e-mail or text message.

Always lock your phone
and computer

Remember that an unlocked device is easy prey for cyber-criminals. If you can, encrypt your computer and phone with a special program. This is an additional protection for your devices.

Think twice before opening an attachment

Attachments sent by cyber-criminals contain viruses and other programs that can infect your equipment.

High level privacy

You will increase your level of security if you change the privacy settings of your web browser to more "aggressive".

Install mobile applications only
from official stores

Cyber-criminals trick victims into downloading unauthorized applications to steal data, photos, and money.

Do not send company files to a private email address

By sending files in this way, you increase the risk that corporate documents and files will fall into the wrong hands.

Anti-virus software is a must

The software will protect your device against viruses.

Always check where you enter your password

Cyber-criminals create fake websites to steal passwords.

Remember to make backups

Backups are most useful when you lose your data unexpectedly. To do this use paid services, or a portable drive or similar device. Before sending a copy of your data to the cloud, protect it with a password.

Create strong passwords that are difficult to crack

Change passwords regularly. Passwords should not refer to your personal data, e.g. name, surname, or date of birth. Do not use the same password for different services. A secure password should have a minimum of 9 characters, contain upper-case and lower-case letters, a minimum of 1 special character and 1 digit.

Updates are vital

Make sure to regularly update your operating system, anti-virus (including anti-malware and anti-spyware) software, and firewalls.

Cyber-crime

These are all the issues that relate to Internet crime.

Phishing

This is one of the most common and popular methods of deception that cyber-criminals use. Phising consists in criminals impersonating a particular institution to obtain valuable and confidential information. These could be, for instance, passwords, logins, personal data, or bank account and credit card details.

One form of phising is the so-called SMS phising (smishing), which consists in sending text messages to induce the device user to take a specific action. Phishing messages always contain a link to a fake website, where an oblivious user provides criminals with their login and password.

Spoofing

A method of internet fraud based on impersonation of a specific entity (a piece of software or another Internet user) in order to extort sensitive data, such as access to bank accounts. There are several types of spoofing: IP address spoofing, email spoofing, DMS spoofing, and caller information spoofing.

Spoofing is a relatively cheap operation that can be performed by anyone with basic IT knowledge. Own SMS gateway, fake domain, or use of technology give criminals almost unlimited possibilities of acting and extorting funds.

Malware

This is malicious software sent as an attachment, with the purpose of gaining access to your device. You should be especially careful about malware varieties such as: spyware, rootkits, Trojans, and keyloggers. Malware usually gets into your device via email. Therefore, under no circumstances should you download any attachments that you are not sure have come from an authentic and proven source.

Ransomware

A type of malware, which completely blocks access to the computer's operating system. Criminals usually demand a lot of money for unlocking the device. Ransomware can infect your computer via email or website, and the best specialists in such attacks not only encrypt the system, but also individual files and folders on your computer. This is why data backups are so important. Under no circumstances should the criminal's financial demands be met - the situation must be reported to law enforcement as soon as possible.

We recommend increased attention and caution in providing your data or "clicking"
suspicious messages. If you notice suspicious incidents, please report them to:

Learn about InPost security rules

Text messages

Check how to protect yourself against fake text messages.

Check

E-mail messages

Check how to protect yourself against fake e-mail messages.

Check

Applications

Check how to protect your applications.

Check

Devices

Check how to protect your devices.

Check

Text messages

  • Watch out for fake text messages.
    Please be advised that InPost never sends text messages with information about surcharges. All billing information appears only in the Parcel Manager or on the invoice.
  • Watch out for messages that require you to send a paid SMS to "download shipment information"
    Sending the text messages charges a fee that goes to the fraudsters' account.
  • If the message seems suspicious to you, check it at the source, i.e. the company that sent the message.
    Call, write, or ask directly. Never dial the phone number provided in such an email or text message, and instead go to the website of the company that sent the text message or email and use the contact details provided on the website.
Danger sms

E-mail messages

  • Make sure there is no typo in the email address.
    Criminals send dangerous emails from fake but similar-sounding addresses, such as @intops.pl, @impost.pl or @inpost-eu.pl. E-mails sent by cyber-criminals differ from the originals mainly in spelling, strange, suspicious addresses and attachments.
  • Real InPost notification emails never contain any attachments!
    If you receive a message with an attachment, under no circumstances open the file (usually with the extension .doc, .txt, or .pdf). In addition, the phrase list przewozowy ("waybill") often appears in the content of infected messages, which we never use.
  • Watch out for messages that require you to send a paid SMS to "download shipment information".
    Sending the text messages charges a fee that goes to the fraudsters' account.
Danger mail

Applications

  • Only download applications from a legal, authorized source.
    Use common sense when using apps on your smartphone. You can download our InPost Mobile application (the best way to track shipments) - depending on the operating system you have - here:
    Google Play
    App Store
    Huawei AppGallery
  • Secure access to your applications.
    Protect your phone with a password or PIN (but not something like 1234, 9876) or use a fingerprint lock. Secure your computer with a password, you can also password-protect your hard drive.
  • Remember to install updates, because they improve phone and application security.
    Make sure they are always installed.

Devices

  • Watch out for public WiFi networks.
    The name of the network may be similar to the place where you are (e.g. "SafeShoppingMallNetwork"), but this does not necessarily mean that it is a network issued by the facility manager. The golden rule is: if you really don't have to, don't use it. It is much better to use a hotspot shared from your smartphone for work or entertainment on the go.
  • Carefully verify the web addresses of websites that you visit from your device. A correct web address should have the HTTPS protocol, i.e. https://.
  • Do not connect accidentally found external drives or other USB storage devices to your computer.
    You never know if they are safe or whether they are carrying a virus. It is best to check such media on an old computer without internet connection or at a computer service shop.

Read current safety messages

2020.03.26

Beware of fake phishing emails!
A new wave of fake messages has appeared in which cyber-criminals impersonate InPost, informing customers about surcharges for shipments, caused by their disinfection. Please be careful and remember that InPost never sends text messages with information about surcharges! Clicking on the link threatens to infect your phone with malware. We would also like to inform you that we do not send any information to verify shipments due to the coronavirus threat.

2020.03.21

WARNING! Cyber-criminals once again try to impersonate InPost. They send text messages informing about the possibility of tracking shipments via a mobile application with a link to a malicious domain attached. Clicking on the link threatens to infect your phone with malware. InPost NEVER sends text messages with links to websites outside the inpost.pl domain. We remind you that for your own safety you should only install software from the official sources - Google Play, App Store and Huawei AppGallery. If you have installed the application from another source, you should immediately restore your phone to its factory settings. We would also like to inform you that we do not send any information to verify shipments due to the coronavirus threat