Rossmann store has issued a message in connection with fraudulent “you have won a competition” messages. The shop’s customers received fake text messages informing them about the win in the contest, directing the victim to a website where credit card number needs to be provided.

If one of the clients provides his details, a paid subscription is immediately charged on the card, with withdraws up to PLN 300 per month from the account!

According to Rossmann, the content of the text message varies:

-       “We were trying to contact you about your winnings. Get it here: http: // …..”



The dangerous Emotet Trojan, which after a few months of inactivity made itself felt by attacking Internet users with fake emails, has this time targeted mBank customers.

mBank warns of dangerous phishing campaign. Cybercriminals send virus by email in the form of a Word file attachment or a link to a page containing the malicious file.

As the bank explains, the goal of cybercriminals is to intercept login credentials for banking systems in order to extort money. What’s more, the Emotet virus steals passwords saved in browsers and intercepts messages and contact details from mailboxes, so it can pretend to be the victim.

You should pay close attention to the sender


A Danish manufacturer of hearing aids and bone implants and hearing aid devices, with a branch in Szczecin, was attacked by cyber criminals, which resulted in a complete paralysis of the production line.

On the third of September, one of the company’s employees informed wszczecinie.pl portal that the employees had been released earlier, with a big question mark about the next working day. It had been speculated that the hacker attack on DGS originated from China and that once someone attacks a server in Denmark, all production in Europe is halted. However, at that moment, the director general of DGS Poland, according to the wszczecinie.pl portal, said that the company was struggling with network problems and did not confirm the suspected cyb

Monday 7 October 2019, Safety Guide

Vulnerability in WordPress


Fortinet experts have discovered a vulnerability in WordPress that allows cybercriminals to bypass the JavaScript and HTML filter, thus enabling a cross-attack using malicious script.

According to the Chip portal, the vulnerability particularly affects users with an administrative account privileges. The vulnerability affects WordPress versions 5.0 to 5.04, as well as 5.1 and 5.11.

Thanks to the vulnerability, cybercriminals are able to take over control of the account and the server on which the sites operate.
If you are using WordPress versions listed above, download the security patch immediately.

Thursday 3 October 2019, Safety Guide

Return of the Emotet Trojan


Emotet is one of the most dangerous Trojans, which after several months of inactivity is on the offensive again. It attacks Internet users through fraudulent emails.

The Emotet Trojan gains access to emails, logins and passwords, thanks to which it has control over victim’s mailboxes, including the ability to affect correspondence. An example would be impersonating a message from Microsoft, as shown by Komputer Świat portal. The content of the message includes an attachment regarding the change of license. If the victim opens the file, it will run malicious macros.

According to cyber security experts, the Trojan could have created a database containing over 200,000 logins and passwords.
In the case of Trojans whic


Dangerous Joker virus was hiding in Google Play applications. Users that granted quite wide range of permissions to selected applications had found out their bank accounts were pretty lean, due to the fact that application was stealing money.

Joker virus registered its victims on sites requiring paid subscriptions. The theft of money from the account consisted of intercepting the SMS code, after which the credit card was charged with small amounts, which reached out to sever dozens PLN a month.

According to the Chip portal, citing the CSIS company, the virus was discovered in 24 applications in the Google Play Store, and the number of downloads reached a figure of half a million.


Attack on 6,700 servers with the Lilu encryption virus. Cybercriminals are demanding a ransom for unblocking the access to the encrypted websites.

According to the ZDNet portal, hackers break into poorly secured www servers that are run on the Linux OS. In order to extort a ransom, they encrypt the code of the website, but only that containing the HTML, SHTML, JS, CSS, PHP and INI extensions.
The victim is then redirected to websites on darkweb. Unlocking the access is priced at 0.03 bitcoin, which translates to around $ 325.

According to the experts from ZDNet, there may be even more victims, due to the fact that that not all Linux servers were indexed in Google search engine. 


The bank, which according to the analysis of German IMWF is the safest online bank in the country has become a victim of a hacker attack. Result? Loss of 1.5 million euros!

Victims, 2,000 clients of the bank, used debit cards with EMV security. According to Chip, cards were cloned by hackers and the money was withdrawn in Brazil.

According to the OLB, security protocols were not violated, and the theft was the result of organized cybercrime utilizing fake cards and terminals. The bank took appropriate measures and blocked all Mastercard debit cards, as well as issued new ones.
The bank has also compensated customers that became victims of the theft.

Thursday 19 September 2019, Safety Guide

Attack on iPhone users


Cybersecurity exports from Google’s Project Zero team have revealed a series of attacks in which hackers used Apple software vulnerabilities to infect devices with malware for two years.

The attacks were targeted at people who visit certain websites, each of them could be infected, and the virus could steal confidential data like photos, messages or real time location data. Cybercriminals had access to the data from applications such as iMessage, WhatsApp, Gmail, Telegram or Hangouts. Hacked websites had weekly views up to several thousand. At this point, it is not known which websites were affected.

14 exploits were discovered for iOS version 10 through 12. This indicates that even people with up to dat

Monday 16 September 2019, Safety Guide

Long-distance call scams


Another wave of attacks based on long-distance calls. If a potential victim calls back an unknown foreign number, he/she will be charged with high amount, even for a few seconds connection.

Connections come from Somalia, Republic of the Congo, Nigeria or Cape Verde. Beware of incoming calls starting with +252, +247, +243, +675, +263, +238. A minute for such connections cost up to PLN 13. According to Dziennik Internautów, scammers simulate an end of the conversation, which, in fact, is still ongoing. If a victim does not physically terminate the connection on its end it might result in a bill for PLN 1,500.

If you notice notorious long-distance calls to your phone, the best solution is to block the number

Monday 9 September 2019, Safety Guide

Encrypted data on a Canon digital camera


If you own a DSLR with Wi-Fi support be careful where you connect the equipment. Experts from Check Point Research have found a backdoor into a Canon EOS 80D digital camera. After hacking the device, they infected it with data encryption software.

The specific model supports USB and Wi-Fi connections. According to the Chip portal, researchers easily managed to break into the camera through a number of errors in Picture Transfer Protocol.

Please note that other digital cameras from other brands may also have gaps in PTP. Canon has issued a statement warning its customers of the potential risk of an attack when the device is connected via an unsecured network to a computer or a smartphone. In addition, the m

Thursday 5 September 2019, Safety Guide

IPhone cable and data interception


The ingenuity of cybercriminals in capturing data is forever increasing, hackers have now created an iPhone cable that makes it easy to take control over a computer.

A network security expert going by nickname MG has showed that you can use a regular Lighting-USB cable to capture data. All that’s needed is to introduce WiFi implant into the cable, thanks to which the cybercriminal can execute remote commands on the targeted computer. According to Cyberdefence24 a hacker can lock the computer screen and steal the system password.

The only thing that hackers needs to do is to physically swap the cables, according to the expert, similar actions can be performed with any other cable.


Store zapraszamybowarto.pl tempted people with low prices, but by shopping there instead of the expected product they lost money from their accounts.

Zaufana Trzecia Strona reports that the store up to few years ago enjoyed a very good reputation among customers, however, the original owner after some time gave up the domain. The domain was re-registered this year through Home.pl by a company from Opole, however, the website still shows the previous owner as the administrator (the prosecutor’s office was informed of this fact).

The fraud mechanism was based on informing the victim, who is in the process of finalizing the payment, that the redirection to the payment operator’s website failed due to an e


GermanWiper malware has targeted German companies. Cybercriminals send an e-mail to the specific company that should not arouse any suspicion, as it is a job application from a “candidate”. An employee that opens a .pdf file attached to the message with the alleged resume downloads an executable file with ransomware.

According to the Niebezpiecznik portal that cites an article published by BleepingComputer, GermanWiper scans the system for files to be destroyed. In addition, ransomware skips specific folders and files necessary for OS functions. The virus overwrites data with random strings of ones and zeros, without using an encryption key. The final step is to create a ransom note for unlocking files. People who decide to pay USD 1,500 l

Friday 23 August 2019, Safety Guide

Patched holes in iMessage


Experts from Google, Natalie Silvanovich and Samuel Gross have discovered five holes in iOS - CVE-2019-8646, CVE-2019-8660, CVE-2019-8647.

Vulnerabilities detected in the iMessage protocol allowed cybercriminals to read any file from the victim’s phone. According to the Niebezpiecznik the vulnerabilities are not dangerous, however new, dangerous variants may develop on their basis.

Apple has introduced appropriate fixes in the 12.4 iOS update, so owners of iOS devices should update their devices manually instead of waiting for autoupdate.