Fraudsters once again impersonate an electricity supplier, informing recipients of text messages about the alleged underpayment.

According to the editors of the portal dobreprogramy the content of the message is identical, only the date on which the electricity is to be cut off has changed.

Content of the SMS: On November 15, electricity shatdown are planned! Please make the pay: https://go.sv/naleznosc-pge-g5h9a
The message contains numerous errors, does not include any Polish characters and includes a typo. The SMS is sent from multiple numbers. Based on Twitter posts, the editorial office created a list of phone numbers from which fake messages are sent:
+48 502 947 217
+48 572 994 059


By impersonating the organizers of the National Immunization Program lottery fraudsters once again want to extort data from people who were vaccinated against COVID-19.

In addition, potential victims are misled that the next edition of the lottery has started, addressed to people who were vaccinated with the second or third dose of the vaccine – depending on the preparation taken earlier.

The above fake news has been denied on the official profile of the #SzczepimySię campaign.

Niebezpiecznik announced another phishing campaign, which was delivered by email to one of its readers. The message even contained congratulations from the Minister of Health. As usual, the message includes a link that le

Tuesday 16 November 2021, Safety Guide

Hacker attack on Media Markt and Saturn


The servers of the Media Markt and Saturn chain stores have been hacked and some of them have also been encrypted. In addition, there is a likelihood of customers’ personal data being leaked.

Niebezpiecznik has received information from one of its readers that the network and servers of Media Markt and Saturn have been attacked – “We would like to inform you that due to the ongoing attack on some of our servers some central systems (e.g. WWS, SAP and such) may report their unavailability or unavailability of a part of their functionality. The linked PL systems (e.g. the functional part of the e-commerce panel) may also not function properly as a result.”

In turn, another person reports that the attack covered the whol

Saturday 13 November 2021, Safety Guide

Squid Game series – Joker spyware


Cybercriminals took advantage of the phenomenal popularity of the Squid Game series available on the Netflix platform by creating a mobile application containing malware.

The application available for Android devices “Squid Game Wallpaper 4K HD” contained Joker spyware. Joker can download and transfer user data, including text messages and contact list, to third parties. Jokes is also dangerous due to the fact that it can register its victim for paid subscriptions, as well as make a payment by using the victim’s phone number.

The app has been removed from the Google Play Store. However, the app can still be downloaded from websites.


Fraudsters once again impersonated the Biedronka chain of stores, tempting with vouchers worth 500 zlotys.

According to CyberRescue, there are links on Facebook groups that lead to the “Biedronka website”, such as biedrobest.site.
The website contains information about special offer that lets you win a voucher. The “offer” covers people born in the years 1975-1977, on the occasion of the 45th anniversary of the store, a “free” voucher is offered. Of course, the number of vouchers is limit.

This time it is not only about collecting data such as home address or telephone number, if we accept terms, wee automatically agree to activate Premium SMS service.

Remember to block Premium


If you are the owners of the phone number of the Plus mobile carrier and its other brand Plush, you must bear in mind that your data may have fallen into the wrong hands.

Whichever person that entered a special sub-page in the Plus domain had access to the operator’s customer data. According tot the Niebezpiecznik portal, third parties could determine who the phone number belongs to, find out its PESEL number and home address along with other data.

According to Niebezpiecznik, the application programming interface, the so-called API used to control IT systems was not secured with any token. The portal reported the problem to the network’s carrier, receiving a response in which Plus confirmed that an API-related error had


Fraudsters are pretending to be Polish Post in an attempt to obtain login credentials for online banking.

The Computer Security Incident Response Team of the Polish financial sector warns against text messages regarding the possibility of obtaining a PIT-37 tax return.

The content of the SMS:"You are entitled to a tax refund from PIT-37 Download online: hxxps: //bit.ly/3B8NNil"

he text message includes a link redirecting to a fake Polish Post website. The page includes a form to be submitted to the “Tax Office” in order to obtain a return from PIT. The form requires data such as name and surname, email address, PESEL number.


Fraudsters send messages to Netflix users informing them of account suspension.

In the email, the platform user is informed that the payment for the next subscription billing cycle has not been authorized, and therefore the membership has been suspended. Later in the message, the victim is encouraged to click on “Restart your membership” link to update the information and continue using the Netflix platform.

According tot the Computer Security Incident Response Team of the Polish financial sector –

Read more

0 - Comment

Tuesday 12 October 2021, Safety Guide

New type of scam - internet grandkid


Policemen from the cybercrime division warn against new fraud based on “internet grandkid”. The main targets are people using social networks and online banking.

As the police explain, fraud is based on the use of social engineering and time pressure.

In the first step, fraudsters send out offers of financial intermediation or investment services via social networks, and taking up the offer is to “bring” big benefits. After clicking on the advertisement, the victim is redirected to the login page of the fictitious company, for the application to pass successfully, the victim must pay any amount of money. However, at this stage there are technical problems with the victim’s account management and in order to fix them

Wednesday 6 October 2021, Safety Guide

SMS campaign for a lost wallet


The latest “lost wallet” SMS campaign is designed not only to steal data from the phone, but also to access your bank account.
Fraudsters send an SMS in which they inform about the alleged finding of a wallet with money and documents.

Content of the SMS:
Hello, today I found a wallet with money and documents, there was this phone number inside. Here is a picture of your wallet, is that yours? https://cutt.ly/REzv2Pb

The scammer’s goal is for the potential victim to activate the link attached to the message which leads to the fake Adobe Flash Players website. In order to see the picture of the walled that was found, the victim must install the fake application. According to TECHNOSenior, inst


Two new types of scams have emerged, aimed at extorting money.

Cybercriminals have created a fake Google Play Store page that leads you to download a fake BLIK.apk application. According to the Computer Security Response Team of the Polish financial sector warns, the malware contained therein is able to steal online banking login details. Moreover, the BLIKmobile app does not exist.

The second type of fraud that the CSIRT of Financial Super


Fraudsters pretend to be a bank and try to extort money from bank accounts. In the text message sent, they inform about an attempt by the Ministry of Finance to take over funds from the account. The chance to save the money is a fraudulent “overnight deposit”.

According to the Computer Security Response Team of the Polish financial sector, fraudsters pretend to be the ING Poland bank. The text of the SMS sent by the fraudsters reads that due to an extraordinary order of the Minister of Finance on saving the economy, funds on the corporate checking and saving accounts will be nationalized in the amount of 30% of the balances. Savings

Friday 17 September 2021, Safety Guide

Fraudsters impersonate Spirotech


Fraudsters send emails to corporate addresses of Polish companies claiming to be Spirotech.
The content of the message prompts you to click on the image that imitates the typical attachment from Gmail. The message is sent from Jarosław Kowalczyk, an “employee” of Spirotech. However, the domain from which the message has been sent is angst-pflstar.com, at this time this should trigger a red flag.

The content of the message is as follows:
Please note the following inquiry received from the owners. We kindly ask you for a refund with a quote with 5% commission for our office and 30 days credit as payment terms. Your quote should include shipping costs, customs or other fees and a total cost estimate. Please also send the co

Monday 13 September 2021, Safety Guide

BPS Bank customers targeted by fraudsters


Clients of Bank Polskiej Społdzielczości (BPS) S.A. receive fraudulent messages with notices of received transfer.

According to CERT Poland, a link confirming the transfer is attached to the message. The fake message originated from the cobra-europa.eu domain, fraudsters inform in the message about the money transfer of over PLN 70,000 as well as inform who the sender of the transfer is.

According to Komputer Św

Wednesday 8 September 2021, Safety Guide

Fake WhatsApp version. Triada Trojan


A fake version of WhatsApp – one of the most popular messenger apps – has been found on the web.
According to Kaspersky experts, the installation of the fake version of WhatsApp messenger on Android leads to device being infected with the Triada Trojan.

The application is listed under the name FMWhatsApp, after its installation, identifiers are collected from the device, which are then sent to a remote server, after which the Triada Trojan is installed.
The Trojan is able to subscribe the victim to premium services or install addition modules that allow the injection of additional malicious code.

According to

Read more

0 - Comment