As a part of the Safer Internet Day, BNP Paribas Bank decided to impersonate fraudsters. In this way, the bank wanted to make its customers aware of the threats existing online.

Using an official Facebook profile, BNP Paribas posted a scam often used by criminals. In the content of the post, the bank’s client could find information about the possibility of receiving a prize, all that was needed to do is to click the attached link, the prize would be awarded only to the first hundred people. The content of the post was written in capital letters with emoticons woven in between. The link led to the domain bnpparlbas[.]pl, one letter was changed in the bank’s name, hoping that it would not be noticed.
The link, however, in this case led to the

CERT Orange Poland warns against text messages informing about debt or underpayment of the invoice. The scam affects all mobile phone users, regardless of operator.

The goal of the phishing campaign is to steal funds from your bank account.

According to CERT, the fraudsters count on the fact that a person who receives a text message with information about the debt of the account, which is associated with the deactivation of the phone number, will simply get scared and pay a small amount of PLN 3.50.

The recipient of such an SMS should pay attention to the name of the sender, in this case it is “K0N0SIM”, so it has nothing to do with any of the operators. However, the link attached to the messag

Police warn against investments in cryptocurrency, which require you to be very careful. An example is given of a resident of Zamość poviat who lost money instead of making a quick profit.

The affected person found an advertisement for an investment platform online and provided basic contact details by completing the application form. After this step, the victim was contacted by a woman to whom he had transferred the equivalent of about PLN 930 as part of the “entry fee” that was supposed to be refunded.

In addition to transferring the money, the man also provided the woman with credit card details along with a photo of the driving license, thanks to which he obtained login details for the platform’s account. The man�

Another phishing campaign targeting Netflix users. Fraudsters pretending to be Netflix inform that the user’s account has been suspended, and that in order to unblock it, a number of details need to be provided.

The email contains a link that leads to a form in which, in addition to personal data, you must provide the payment card number along with a security code. Providing the above data is supposed to lead to unblocking of the Netflix account.

The website that imitates Netflix is carefully crafted, so be very careful and check the source of your email before clicking on the link.

The ShinyHunters hacker group has hacked the MeetMindful dating site. As a result of the hack, the data of 2.28 million users was revealed.

Hackers released a 1.2 GB database on a hacking forum.

The leaked data include: name and surname, email address, data related to residence, date of birth, location, IP address, password to the portal and Facebook identification data, as well as dating preferences.
The dobreprogramy portal suggests that the stolen data can be used in the so-called sextortion, i.e. blackmail based on the victim’s intimate materials.

You might think that the data stolen by hackers is not controversial, i.e. it does not contain any “rowdy” photos or convers

Fraudsters inform about upcoming changes to the 500+ program and impersonate the Wirtualna Polska portal.

CERT Poland warns against a new campaign, fraudsters convince their victims that the 500+ benefit program will change its form and will be paid in vouchers. However, for more information one needs to log into their Facebook account. For this purpose a fraudulent link to a login page is attached to the message. However, the website itself is under the domain wiadomosciinewsy(.)live.

The goal of fraudsters is to steal data that can be used to steal money using BLIK, i.e. by impersonating a given person and sending messages to friends asking for a loan of a given amount of money.

Fraudsters posing for the Polish Energy Group try to intercept your online banking credentials. Experts from CyberRescue warn against fake SMSs from “PGE”.

In the text of the SMS, the victim is informed about the need to pay the amount due via the page to which the link is provided. If the amount due is not paid, the power will be cut. In fact, the link leads to a fake quick payment service, where the victim submits his / her data directly into the hands of the scammers.

Be careful and do not click hastily on the links, by entering your data you risk losing funds from your account.

A new version of the Joker Trojan, known as Android Joker, has appeared. People who install an application for downloading wallpapers, i.e. Stock Wallpaper, unknowingly download malware on their device.

The purpose of the Trojan is to gain access to messages and, in the next step, to subscribe victim to paid subscriptions. The victim is not able to see the SMS sent and received via the application. The victim learns about the paid subscriptions when they receive their monthly statement from the network operator.

According to experts from Dr. Web the new variant of the Trojan can be used to download and execute arbitrary code, thus it is possible to install a banking Trojan.

IKEA has issued a message warning of fraudsters pretending to be their brand in an attempt to persuade them to act so that they lose money.

IKEA warns against attempts to extort personal data or other forms of fraud, i.e. by persuading people to send Premium SMS messages or participate in lotteries, surveys and other forms of competition. Fraudsters send out messages by email or via social networks informing about the possibility of winning coupons and other IKEA-related prizes.

IKEA emphasizes that all competitions are always published on the IKEA.pl website or on official IKEA profiles on social networks.
Customers are asked not to send any SMS to confirm participation in the competition, as they may be a

A new phishing campaign targeting people who are waiting for a message from the health department regarding the quarantine.

Cybercriminals try to trick smartphone users into installing malicious application. According to Niebezpiecznik, scammers send text messages in which they inform them about being sent to home quarantine.

Text of the SMS: “You have been selected for home quarantine. Download the application to check the next visit by the police https://kwarantanna-domowa(.)com/.”

Niebezpiecznik warns against opening the hyperlink attached to the message, which leads to a website imitating Google Play Store app marketplace. The recipient of the message is prompted to download the “Home Qua

The pre-holiday period is associated with increased shopping, which has been used by cybercriminals. CERT Poland warns against fraudsters pretending to be the InPost shipping company.

Scammers send text messages prompting users to download an app from a fake InPost website. The link included with the message leads to a fraudulent Google Play Store website.

In fact, the victim downloads Cerberus malware, which enables them to steal funds from payment cards and take complete control of the device.

According to CERT Poland, the malicious domain in the received text message is inposted[.].com. Meanwhile, the sender of the message is “ACM”.

If you have received a suspicious SMS, it

Fraudsters send SMS messages to fake payment forms, which are supposed to let users receive money for the goods purchased on the OLX classifieds website.

One of the readers of the dobreprogramy portal has been informed about a suspicious SMS message, which informed about the sale of goods using the OLX website and that if the seller wants to receive the amount due to him, he must use the attached link.
Content of the message: “Your goods are sold using the OLX website. The amount to be collected is PLN 1200: cutt.ly/GhxygVH”. If the portal’s reader would have decided to “collect money” and have found a fabricated form asking for the payment card or online banking login details, he would have an unpleasant surprise due to the loss of m

Data of customers with insurance policies concluded with various companies were available online without any additional security. The leak concerned policies within a period of 5 years from May 2015 to November 2020.

According to the Niebezpiecznik porta, the leak included names, PESEL identification numbers, photos of vehicles, tests of health insured persons, and even electronic versions of policies with the entire data package.

The data concerned clients insured through Ent Broker. According to Niebezpiecznik, dozens of directories with documents concerning the company were publicly available on the server, along with a customer policy folder, which contained 555 subdirectories, each of them related to one customer.

Fraudsters send SMS messages to fake payment forms, which are supposed to let users receive money for the goods purchased on the OLX classifieds website.

One of the readers of the dobreprogramy portal has been informed about a suspicious SMS message, which informed about the sale of goods using the OLX website and that if the seller wants to receive the amount due to him, he must use the attached link.

Content of the message: “Your goods are sold using the OLX website. The amount to be collected is PLN 1200: cutt.ly/GhxygVH”. If the portal’s reader would have decided to “collect money” and have found a fabricated form asking for the payment card or online banking login details, he would have an unpleasant surprise d

Cybercriminals attacked one of the largest Polish online stores, CoffeDesk, selling coffee along with accessories.

As a result of the attack on IT systems, some of the store’s services were unavailable. In the store’s press release, we can read that third parties have gained access to the store’s server as well as the data located on it. CoffeeDesk ensures that user data is neither lost nor exported. The store ensures its customers that payment card details have not been tampered with. However, the store recommends that all its customers change their password for online store, as well as email, online banking and social media.

On the CoffeDesk website, information has been posted that customer login data have been deact