Lost24

A tempting offer for the Samsung Galaxy S20 flagship smartphone, which at a regular price costs almost PLN 4,000, has appeared online.


According to the Niebezpiecznik website, a Facebook post appeared online which claimed that there is a pricebug in Samsung online store, as a result of which the Galaxy S20 smartphone can be bought for 2 euros. In order to find this tempting offer, you had to enter the phrase SGAL2077B in Google.


The person who was tempted by the offer was directed to the fabricated website, in which the data had to be provided in a specially prepared form. The form concerned a lottery in which you could win a Samsung Galaxy S20 smartphone for 2 euros.


If someone did not read the te

Lost24

The vulnerability discovered in Samsung security is quite serious, as it allows using the malicious MMS code to take control of the device. The victim does not even have to open the message, it is enough that it is delivered to the phone.


The hacker has the ability to read text messages, view photos, launch applications, also has access to contacts, microphone and conversation history.


According to Sekurak website, most probably every Samsung smartphone released after 2014 is affected by some variant of this vulnerability.


In May, Samsung released an update that removes this vulnerability but the update has not yet reached all smartphones. 


Lost24

Warsaw University of Technology has informed that a data leak has occurred on the Remote Learning Center (OKNO), which may cause a breach of personal data.


Warsaw University of Technology recommends that persons using the platform should report the leak of personal details, mainly ID card number and PESEL identification number. It is recommended to file a credit block to the Credit Information Bureau (BIK), which guarantees that users will receive alerts if someone tries to obtain a loan using the stolen personal data.


The Trusted Third Party portal was the first to inform about the incident thanks to a tipper who sent a copy of the database from the OKNO platform. Data leak may affect up to 5,000 people.

&l

Lost24

Zippo.pl store fell victim to cybercriminals, the site stopped working, and its customer data fell into the wrong hands.


Cybercriminals managed to intercept data related to the credit card numbers used in Zippo.pl store along with CVV codes and used them to link them with Glovo and Uber applications, thus stealing from the shop’s customers.


Cybercriminals have also stolen clients’ personal data such as name, address and phone number.
According to the Niebezpiecznik portal, owners of the stolen credit cards can be calm, as unrecognized transactions can be undone. However, you should carefully track your credit card statements and in the event of an unrecognized transaction, please report it to your bank.


Lost24

Fraudsters send text messages suggesting the possibility of receiving non-returnable cash in the amount of PLN 5,000 or 10,000 as part of the anti-crisis shield. In order to “receive” this amount, the potential victim is to confirm their details by making a small money transfer.


If the victims click on the link included in the SMS, they will be redirected to a fake PayU payment form to make a transfer of PLN 1, which is necessary to confirm the identity of the person. By default, scammers want to extort the electronic banking login credentials, but also attempt to obtain data such as PESEL identification number, the maiden name of the victim's mother - data which are necessary to verify the identity during a phone conversation with the bank's repres

Thursday 30 April 2020, Safety Guide

BLIK scam - mBank warns its clients

Lost24

mBank warns its clients against fraudsters impersonating friends and bank employees. According to the bank, two types of scams have recently become quite popular, including a BLIK one.


In the first scenario, fraudsters impersonating a friend try to extort money under the pretext of paying overdue bills, for this they ask the victims for a BLIK code.


In another scenario, fraudsters posing for the bank’s employees attempt to “block” a transfer from the victim’s account to an unknown recipient. The scammers ask users to install the application so that the transfer is blocked and in order to do so they send the link to the application via an SMS. In addition, they inform the victims that if they do not complete the instal

Lost24

The attractive rental price for the apartment and the time pressure can fool many. According to the Trusted Third Party one of its readers was scammed by the apartment rental listing on the OLX portal.


The vigilance of the victim was dormant, the alleged owner of the apartment was familiar with the location and was listing the nearby shops and bus lines to the victim. However, one thing that could raise doubts was the price, which was very attractive in comparison to regular prices in Warsaw.


The scammer without hesitation agreed to the reservation of the apartment in the form of a civil law contract, which he sent by email and also asked for a security deposit in the amount of a monthly rent - a transfer of PLN 1750 to an ac

Friday 24 April 2020, Safety Guide

Infected E-pity software variant

Lost24

CERT Poland warns people who have not yet settled their accounts with the tax authorities about a modified software for filling in the PIT declaration - E-pity.


Cybercriminals have modified the E-pity software and embedded in it an additional module from the Zloader family. Accessing the epity2020[.]pl domain is associated with an attempt to install banker type malware which targets online banking. According to CERT the malware contains fabricated schemas for multiple Polish banks.


According to CERT Poland, after visiting the site from an Android device, an attempt is made to instal an application containing malicious code on the platform - malware from the Cerberus family.
The “password for archive” bit on the E

Lost24

Leak of personal data does not necessarily have to be associated with the activities of hackers. According to Sekurak people who migrated the training platform system or were testing the new environment were responsible for the data leak.


The data leakage concerns prosecutors, judges and court staff. Leaked records contain personal data, phone numbers, email addresses, places of residence and encrypted passwords.


As Sekurak portal emphasizes, the situation is dangerous because it is also possible to exclude leakage of PESEL identification numbers. It should also be taken into account that many people use the same login and password for multiple systems.



Lost24

Cybercriminals hacked Italian provider of email services - Email.it. The data leak affected more than 600,000 people, and the offer for the data from the last two years was listed on the dark web. However, the data offered for sale only includes persons who have used the free version of Email.it.


The group that stole the data presents themselves as NN Hacking Group has provided the evidence of the attack on Twitter. According to Cyberdefence24, the data that was put up for sale includes 44 collections, valued at $22,000. The scope of the stolen data includes account usernames, passwords, content of the email messages and attachments, as well as phone numbers associated with the service, SMSes and faxes broadcasted from them.



Lost24

Recently, we wrote to you about the Zoom video conferencing sending telemetry data of users to the Facebook servers. Despite the fact that the application has been updated and the error has been corrected, security experts once again have reservations about this software.


First of all, conversations in the application are not covered by controlled encryption. In addition, Zoom installs a hidden network server on computers of Mac users, which remains on the device even after the software has been uninstalled. This involves the risk that a third party may turn on the camera remotely on your computer without permission.


The application is criticized for its user tracking function, a significant number of hacked conference calls

Lost24

The Marriott hotel chain has fallen victim to hackers who broke into the company’s internal network, which resulted in a customer data leak. The data leak affects 52 million customers. Hackers also managed to obtain logins and passwords belonging to two Marriott employees.

As reported by Marriott International, leaked data includes:
-    Customer contact details such as personal data, email address and phone number, employment status, gender, date of birth,
-    Information about participation in the loyalty program,
-    Data related to hotel room reservation like length of stay, type of room.

At present, there is no confirmation whet

Wednesday 1 April 2020, Safety Guide

Package disinfection scam

Lost24

Recently, we wrote to you about the return of the “courier” fraud, this time scammers are trying to pull people waiting for the package with so called “disinfection”.


Experts from CyberRescue warn against fake text messages informing about the need to pay extra charges for disinfection of the package, which should then be delivered to the sender.


Link included in the SMS allows you to make the necessary payment. Typically, in this case, cyber criminals want to intercept the victim’s online banking credentials.
As you can see, the “coronavirus” fraud appears more often, so you should be on guard.



Lost24

The fraudsters have decided to once again utilize the coronavirus situation, this time using the known “courier” scam.


During the pandemic, the number of purchases over the internet increased significantly, which the fraudsters decided to utilize by sending an SMS asking for payment of the shipping charges.


According to the portal Wirtualna Polska, in the message we can read that due to OHS procedures in the transhipment center, the shipping cost increased by about PLN 2. The SMS also includes a link that redirects users to the fake payment page. The goal is probably obvious to everyone at this point, fraudsters want to intercept online banking credentials.



Lost24

The email boxes of Internet users receive messages about the possibility of blocking their allegro.pl accounts. The reason for such blocking is to be an unpaid payment.


The email also includes information on the amount with which the person is in arrears and the threat of recovery if the amount is not paid.


Original message content:
“To date, we have not recorded the settlement of your commitment. A deposit of 1.98 must be paid to prevent account suspension. If the payment is not settled - your debt will be taken over by debt collection.”


Cybercriminals have spoofed the original address of the service, which may diminish the vigilance of the victim. However, please