Fraudsters took advantage of Amazon’s image to create a website featuring a fake contest. Experts from CERT Orange Poland warn against this form of attack, as the fraudsters want to extort payment card details. For this purpose, they create competitions that tempt users with expensive or unobtainable products.

In this case, in order to win the “Huawei Mate 40 pro 5G Full Netcom 8G + 256 GB” you only had to complete the survey. In addition, in order to spread the bogus website, a requirement was introduced to share the contest with 20 friends via WhatsApp messenger. After sharing the competition with the given number of friends you had to provide the payment card details in order to cover the shipping fee.

It is known th

At the beginning of the coronavirus pandemic, we wrote about the ways how the current situation can be abused by criminals. Since the emergence of COVID-19 vaccines, the black market of the so-called darknet was filled with offers to buy preparations from such producers as AstraZeneca, Sputnik, Sinopharm and Johnson & Johnson.

The cost of the vaccine ranges from PLN 1,900 to PLN 2,900. According to the portal dobreprogramy, if you buy two doses of the vaccine, the buyer can qualify for a promotional offer where the next preparation is free. In urgent cases, criminals deliver the order on the next day. Additionally, you can buy a virus vaccination certificate for less than PLN 580.

CheckPoint experts have seen a large

The attack on users of OLX classifieds portal that we wrote about recently has been modified, possibly due to the spread of the described scam scheme on the web.

The Computer Security Incident Response Team of the Polish Financial Supervision Authority noticed that scammers on OLX are trying new methods, aimed at one thing - extorting money.

Until now, the attack consisted in sending the seller on OLX a link to a fraudulent website pretending to be OLX or a courier company in order to accept the receipt of money for the purchased item. On the website, the seller is asked to provide payment card details, there is also a request to provide credentials to the bank account, personal data such as PESEL number, mother’s maiden na

Niebezpiecznik portal warns against the growing wave of attacks targeting OLX users. Niebezpiecznik claims that the problem has grown to a scale that has not yet been seen on the Polish Internet.

The attack is based on pretending to be a buyer and obtaining the payment card number from the seller along with other data under the pretext of receiving payment for the purchased product.

Scammers communicate with the buyer via OLX or ask for an email address to which they send a fake message pretending to be the classified ad service. There is also an option to call back via WhatsApp messenger if the seller has provided a phone number in the listing.

In the next step, scammers send a link to the fake we

Cybercriminals run a fake ad campaign advertising a face cream called Nulavance. Experts from the company ESET warn against this advertising campaign, because you can lose money.

In fact, the advertised cream does not exist and the order form is a tool in the hands of fraudsters.
The campaign is conducted by email. If the victims click on the photo included in the message, they are redirected to a specially crafted page with the form. The victims then must provide their contact details and payment card details.

If you came across the above spam campaign and provide your details, be sure to contact your bank and block your card immediately.

Hackers attacked SITA, the IT service provider for the majority of airlines. The SITA company deals with communication onboard airplanes, the security of the airport networks and airlines.

SITA company informed that the hacking attack took place on February 24th. Hackers compromised servers storing the passenger data for airlines such as: Lufthansa, United Airlines, Singapore Airlines, All Nippon Airways, Cathay Pacific, Finnair, Japan Airlines, Jeju Air, Malaysia Airlines and New Zealand Air.

As a result of the hacking attack, SITA secured the infrastructure and contacted the affected lines. At the moment, it is not known what data was intercepted. Some of the affected airlines have issued statements of their own.

A new phishing campaign in which cybercriminals pretend to be a FedEx courier company.
CERT Orange Poland warns especially users of Android smartphones. Cybercriminals send text messages that inform them about the upcoming delivery of a package, a link is attached to the message.

Content of the message: FedEx: Your package arrives, track here: https://cssincronbucuresti[.]ro/pkg/?1mrdumbk

The URL points to a Romanian domain that has nothing to do with the FedEx courier company. After clicking the link from the Android browser, a fake courier website is displayed, suggesting that you have to download the application. The website even has instructions on how to install the rogue application.

Fraudsters claiming to be ZUS employees try to extort money from seniors by offering help in obtaining the EU “500+” benefit.
Fraudsters stalk elderly people in their homes, pretending to be ZUS employees, who are joined after a while by a person claiming to be a ZUS certification doctor. Fraudsters, in order to relax the seniors' vigilance, assure that they were also at their neighbors.

During the visit, the seniors are examined and are also asked to show their medical records. They are then asked whether they are receiving a pension and whether it is paid into a bank account or whether it is delivered by the postman. Fraudsters also ask if the elderly person is living alone and how far away their family is.

Sen

A policeman has posted his phone on the auction site, he was contacted by a man that claimed that he was waiting for immediate shipment, as he had just made a transfer for the item on display.

The policeman replied to the buyer that the shipment would only take place when the transfer was credited to his bank account. Meanwhile, the buyer sent him a link to the page where the transaction confirmation was supposed to be, quoting “I paid. To receive the money, click on the link and confirm the order. The courier will contact you after confirmation.” In addition, the buyer threatened to report the matter to the police if the seller did not send him the “purchased” phone.

Remember not to rashly click on links received fro

ING Bank Śląski warns against fraudsters pretending to be bank’s employees. This type of scam is known, the scammers only change the excuse under which they call customers.

Fraudsters claiming to be a bank employee inform their victim that they have blocked a suspicious transfer and persuade them to install a special application.

Fraudsters have details such as your name and sometimes your home address if they can find it online. Cybercriminals assure their victims that the situation is under control, however, in order to improve communication with the bank or remove the virus, they encourage them to download and install an application such as Quicksupport.

ING Bank Śląski warns that if a ban

The CSIRT team (Computer Security Incident Response Team of the Polish financial sector) warns against fraudsters who have introduced a fake PKO BP IKO application.

The IKO application is offered by the PKO BP bank and can be used by up to 3.2 million bank’s customers.
According to the CSIRT, Alien malware, whose task is to steal online banking passwords, is hiding inside the malicious application.

Remember to only install the application from official sources. It is important to verify who its developer is. It is also worth looking at the number of application downloads and user reviews. It is known that the more rating and positive reviews an app has, the more downloads it gets. Unfortunately, it may happen that

CERT Poland warns against a phishing campaign targeting entrepreneurs who expect orders filled out online. The entrepreneurs receives emails with information about the delivery or order of goods, the message includes an attachment.

Cybercriminals pretend to be real entities.

The message contains multiple linguistic errors, which are typical for this type of fraud, i.e.
- "Please pay attention to the delivery order in accordance with the terms therein contained"
- "Please find the attached order of inquiry arrange the delivery express. Send us an confirmation order with terms payment."

Attached is a RAR archive which conta

As a part of the Safer Internet Day, BNP Paribas Bank decided to impersonate fraudsters. In this way, the bank wanted to make its customers aware of the threats existing online.

Using an official Facebook profile, BNP Paribas posted a scam often used by criminals. In the content of the post, the bank’s client could find information about the possibility of receiving a prize, all that was needed to do is to click the attached link, the prize would be awarded only to the first hundred people. The content of the post was written in capital letters with emoticons woven in between. The link led to the domain bnpparlbas[.]pl, one letter was changed in the bank’s name, hoping that it would not be noticed.
The link, however, in this case led to the

CERT Orange Poland warns against text messages informing about debt or underpayment of the invoice. The scam affects all mobile phone users, regardless of operator.

The goal of the phishing campaign is to steal funds from your bank account.

According to CERT, the fraudsters count on the fact that a person who receives a text message with information about the debt of the account, which is associated with the deactivation of the phone number, will simply get scared and pay a small amount of PLN 3.50.

The recipient of such an SMS should pay attention to the name of the sender, in this case it is “K0N0SIM”, so it has nothing to do with any of the operators. However, the link attached to the messag

Police warn against investments in cryptocurrency, which require you to be very careful. An example is given of a resident of Zamość poviat who lost money instead of making a quick profit.

The affected person found an advertisement for an investment platform online and provided basic contact details by completing the application form. After this step, the victim was contacted by a woman to whom he had transferred the equivalent of about PLN 930 as part of the “entry fee” that was supposed to be refunded.

In addition to transferring the money, the man also provided the woman with credit card details along with a photo of the driving license, thanks to which he obtained login details for the platform’s account. The man�