Experts from CERT Poland warn PKO BP’s clients against a campaign in which cybercriminals try to obtain login details for online banking.

The bank’s customers receive emails with information about the account being blocked. In order to restore access to the account, the victim has to click on the link included in the message, which leads to the fake website of the PKO BP bank.

According to CERT, the potential victim is asked to log into his account, in fact, the data is transferred to cybercriminals. In the next step, the fraudsters will try to intercept an SMS code from the victim in order to change the transfer authorization number.

The entire campaign is conducted in such a way tha

Experts from CERT Poland warn against scammers pretending to be InPost. Fraudsters send messages in which they inform them about the required payment, surcharges for a parcel that is already “waiting” in a parcel locker. In fact, scammers want to extort login details for online banking from potential victims.

According to CERT Poland, fraudsters also use the image of the eCard company through a specially fabricated payment form. If the victim enters their bank login details on the form, they will unknowingly pass them directly into the hands of cybercriminals. A potential victim should be concerned about a redirect to .uno and .life domains, which are in no way related to InPost.

According to CERT Poland, the above mentio

Apps dedicated to children that ran on Android devices stole data.

According to the experts from TechCrunch, Google has removed three well-known applications with more than 20 million downloads from the Google Play Store - Princess Salon, Number Coloring Cats & Cosplay.
Google has removed these applications after analyzing a report compiled by the IDAC organization.

Apps collected Android ID data and personalized advertising identification (AAID) data.
According to the portal dobreprogramy, when information from Android ID and AAID are processed simultaneously, Google’s security mechanisms can be bypassed.

The OLX portal has recently introduced a new feature in the field of transaction processing, namely a payment system, therefore, as expected, it will be used by fraudsters.

Fraudsters try to obtain the payment card details from the website’s users. They contact the victim via isntant messaging services such as WhatsApp or Facebook Messenger by sending them a link to a fraudulent page posing for the OLX payment site in order to complete the transaction. The fake page displayed the process of ordering shipment, in order to pay for the courier service, you must provide your personal data, payment card number and security code.

CERT Poland has placed the fraudulent website on the warning list. Remember to carefully inspect the

Experts from CERT Poland warn of a phishing campaign targeting Netflix users. Fraudsters send fake emails telling you to update your payment details.

They inform users about the suspension of the account, the message includes a link that takes them to a fraudulent page, the purpose of which is to obtain login credentials and payment card details of the service subscribers.

According to the CERT, cybercriminals often use the domains resembling a real address, such as www [.] Netflix [.] Pl [.] Rsga [.] Rw.
If any of you have clicked on the link you should block your payment card as soon as possible and change your Netflix login details.

More than 200 fake applications in the Google Play Store were detected by experts from the White Ops Satori Threat and Research Team. The number of downloads is quite large and amounts to 14 million.

As experts inform, the applications were mainly copies of retro games or Nintendo NES emulators.

People who downloaded fake applications were flooded with out-of-context (OOC) ads. All rogue applications that were categorized under RAINBOWMIX group were removed from the Play Store. The creators of the fake applications have managed to place them in the Play Store thanks to the low detection rate by using the so-called packers. According to the dobrepragramy website, thanks to the use of a packer, part of the downloaded content re

Experts from CERT Poland warn against fraud related to the advertisement posted on Facebook, suggesting the possibility of getting money by updating the PKO BP application. The advertisement is not related to the official bank’s activity, and its purpose is to steal money from the victim’s bank account.

According to CERT Poland, the person that decides to download the alleged update is actually downloading malware from the Alien family related to Cerberus. The purpose of the software is to steal your online banking login details, and this to withdraw funds from the account.

At the moment, it is not known whether the fraudsters only targeted the PKO BP bank in their advertising or created similar fake advertising campaigns

PKO BP’s customers fell victim to a phishing attack. Fraudsters want to obtain login details for online banking on the pretext of activating a new online security system. The recipients of the message are informed that if they fail to update, their accounts may become inactive.

In the Bank’s announcement, PKO BP warns against clicking on a link that redirects potential victims to a fraudulent website resembling a website belonging to the Bank. As the Bank warns, clicking on the link and providing login details may result in loss of money and control over the account.

If any of you have fallen victim to this fraud, please contact your bank as soon as possible.

The cheap contract scam has returned, but in a different form. Previous variant of this scam was focused on extorting personal data from older people, where the fraudster claimed to be an employee of Telekomunikacja Polska.

This time, the potential victims receive a robocall that informs them about the end of the contract. The dobreprogramy portal quotes the content of the recording “your phone contract is about to end, if you want to pay less for the subscription, press 1 to talk to a consultant, if not press 2”.

According to the portal, if you press 2, you will be redirected to an international call and incur considerable costs.
The portal gives a list of numbers that are better not be answered: 734818156, 7348

Policemen from the cybercrime division warn against new fraud based on “internet grandkid”. The main targets are people using social networks and online banking.

As the police explain, fraud is based on the use of social engineering and time pressure.
In the first step, fraudsters send out offers of financial intermediation or investment services via social networks, and taking up the offer is to “bring” big benefits. After clicking on the advertisement, the victim is redirected to the login page of the fictitious company, for the application to pass successfully, the victim must pay any amount of mone

Data Viper’s report reveals that cybercriminals have taken interest in one of the most popular online games in the world - “Fortnite”.

Cybercriminals use automated systems to analyze the databases from various leaks towards the possibility of breaking into the “Fortnite” player’s account. Cybercriminals are able to analyze 500 accounts in one second.
The game makes its money on microtransactions for trading virtual items. Criminals are able to earn up to PLN 150,000 a week by trading stolen e-items.

It is very difficult to detect the perpetrators of thefts, as they create a network of fake connections and transactions are carried out using cryptocurrencies.

If in May 2019 you were shopping in the sexshop.com.pl online store, your data may have leaked.
According to the Niebezpiecznik portal, the data of some of the customers of the shop with erotic gadgets and aphrodisiacs have been stolen.

A piece of the data is available online, according to the portal, the file weighs only 58 kilobytes and contains data from 200 orders. However, each record contains data such as: name and surname, email address, data and order ID, along with a description of the products ordered.

The store’s customers are unable to check if they have been affected because the file is not indexed in search engines.
Niebezpiecznik has confirmed that the customer data is real, and the persons

Scammers have managed to carry out a SIM Swap attack by obtaining SIM card number from the victim’s phone number. According to Polsat News, fraudsters hijacked victim’s online bank accounts and took out PLN 370,000 from them.

While talking on the phone, the connection was interrupted and the victim’s attempts to remove and insert the SIM card did not work. The victim visited the mobile network’s provided salon, where the SIM card was replaced with a new one. However, at this point the victim should have blocked the bank accounts as soon as possible, but was unaware of becoming a victim of a SIM Swap attack.

How did they manage to carry out the SIM Swap attack?
New SIM card was obtained by impersonating the vi

Fraudsters advertise themselves on regional Facebook groups like “Ads Warsaw”, tempting people with sales of electronics at very attractive prices, such as iPhone 7 for PLN 13.

CERT Poland warns against fraudulent electronics on websites posing for Allegro Lokalnie. The equipment put up for auction is listed at very attractive prices. After clicking the “Buy now” button, the victim is redirected to a fake electronic banking panel. Cybercriminals obtain such data as PESEL identification number or mother’s maiden name.

According to the CERT, the target of the attack are owners of accounts in Millenium, mBank, Pekao, PKO and ING banks.

Recently, messages have been sent out in which fraudsters impersonate the Netflix platform. In the message we are informed that we need to update our billing details.

The message is confusingly similar to the Netflix notifications about payment problems, the blue and red color theme is preserved, as well as the structure of the notification. However, an attentive person will notice the wrong credit card number and expiry date.

After clicking on a link included in the email, the victim is redirected to a fake Netflix login page. The scammer’s goal is to capture as many Netflix login credentials as possible to then sell them on the black market. In addition, fraudsters try to obtain a sizable set of data, including first and