In order to improve cooperation and strengthen public and private partnerships, the National CERT held its first regular meeting with Special CERTs. The representatives of Special CERTs presented their activities over the previous period, as well as challenges they encountered in their everyday work. Particular importance was placed on the importance of a continuous exchange of information about current activities regarding the National CERT and Special CERTs. The discussion was also held about current phishing campaigns, with a conclusion to improve the education of both employees and general public.

The National CERT, operating under RATEL, keeps a registry of Special CERT's in the Republic of Serbia, in accordance with the Law on Information Security. The Special CERTs perform tasks of prevention and protection against security risks in the area of cyber security. For more details on services provided to users, please visit: https://www.cert.rs/en/evidencija-certova.html

The National CERT of the Republic of Serbia would like to warn the public of current phishing campaign targeting Meta (Facebook) users.

The users are advised to be watchful if they receive a Messenger text reading „I think I saw you in this video, is this really you?“ including a link supposedly leading to the mentioned video clip. The purpose of the link is to obtain user account data, in order to abuse the account for the further malicious content distribution. The users are therefore advised not to click on links contained in this type of messages and to delete the communication right away.

If however the user has already clicked on the link and disclosed their personal data (user name and password), in an attempt to access the video supposedly featuring their person, it is necessary to immediately change the user name and password of that account, as well as all other accounts where that same user name and password are in use.

Message sample: 

The Naional CERT would like to warn all postal service users that a fraud abusing the name of the Post of Serbia is active again. The customers are sent an SMS about a parcel supposedly not being able to be delivered due to an unpaid customs fee. For a successful delivery, a click on an included link is needed.

This link however leads to a fake page where the customer is asked to fill in their credit card data, which then enables the attackers to clear the user’s bank account.

The Public Enterprise „Post of Serbia“ has repeatedly reminded its users that this is not how it communicates with its customers, so extra caution is warranted.

The National CERT urges all recipients of such SMS not to open the link contained in the message and not to enter the information required by the fraudsters.

The National CERT website offers publications on similar threats, including an explanation about how current phishing campaigns are being carried out.

It is advised that this fraudulent activity be reported to the Post of Serbia via its Call Center at 0700 100 300 and 011 3607 788, from 8h to 20h on business days and from 8h to 15h on weekends, and also to the National CERT.