Lost24

Apps dedicated to children that ran on Android devices stole data.


According to TechCrunch, Google has removed three well-known applications with more than 20 million downloads from the Google Play Store: Princess Salon, Number Coloring, and Cats & Cosplay.
Google removed these applications after analyzing a report compiled by the IDAC organization.


The apps collected Android ID data and personalized advertising identification (AAID) data.
According to the portal dobreprogramy, when information from the Android ID and the AAID is processed simultaneously, Google’s security mechanisms can be bypassed.



Thursday 29 October 2020, Safety Guide

OLX scam - fake payment links

Lost24

The OLX portal has recently introduced a new feature in the field of transaction processing, namely a payment system. As expected, it is being used by fraudsters.


Fraudsters try to obtain payment card details from the website’s users. They contact the victim via instant messaging services such as WhatsApp or Facebook Messenger and send a link to a fraudulent page posing as the OLX payment site, supposedly in order to complete the transaction. The fake page displays the process of ordering a shipment: to pay for the courier service, the victim must provide personal data, a payment card number and the security code.


CERT Poland has placed the fraudulent website on the warning list. Remember to carefully inspect the

Lost24

Experts from CERT Poland warn of a phishing campaign targeting Netflix users. Fraudsters send fake emails telling you to update your payment details.


The emails inform users that their account has been suspended. The message includes a link that takes them to a fraudulent page, the purpose of which is to obtain the login credentials and payment card details of the service’s subscribers.


According to the CERT, cybercriminals often use domains resembling the real address, such as www[.]netflix[.]pl[.]rsga[.]rw.
If any of you have clicked on the link, you should block your payment card as soon as possible and change your Netflix login details.



Wednesday 21 October 2020, Safety Guide

Fake apps in the Play Store

Lost24

More than 200 fake applications in the Google Play Store were detected by experts from the White Ops Satori Threat and Research Team. The number of downloads is quite large and amounts to 14 million.


According to the experts, the applications were mainly copies of retro games or Nintendo NES emulators.


People who downloaded the fake applications were flooded with out-of-context (OOC) ads. All rogue applications categorized under the RAINBOWMIX group were removed from the Play Store. The creators of the fake applications managed to place them in the Play Store thanks to a low detection rate achieved by using so-called packers. According to the dobreprogramy website, thanks to the use of a packer, part of the downloaded content re

Lost24

Experts from CERT Poland warn against fraud related to an advertisement posted on Facebook, suggesting the possibility of getting money by updating the PKO BP application. The advertisement is not related to the bank’s official activity, and its purpose is to steal money from the victim’s bank account.


According to CERT Poland, a person who decides to download the alleged update is actually downloading malware from the Alien family, which is related to Cerberus. The purpose of the software is to steal online banking login details, and thus to withdraw funds from the account.


At the moment, it is not known whether the fraudsters only targeted the PKO BP bank in their advertising or created similar fake advertising campaigns

Lost24

PKO BP’s customers fell victim to a phishing attack. Fraudsters want to obtain login details for online banking on the pretext of activating a new online security system. The recipients of the message are informed that if they fail to update, their accounts may become inactive.


In the Bank’s announcement, PKO BP warns against clicking on a link that redirects potential victims to a fraudulent website resembling a website belonging to the Bank. As the Bank warns, clicking on the link and providing login details may result in loss of money and control over the account.


If any of you have fallen victim to this fraud, please contact your bank as soon as possible.



Monday 5 October 2020, Safety Guide

Cheap contract scam

Lost24

The cheap contract scam has returned, but in a different form. The previous variant of this scam focused on extorting personal data from older people, with the fraudster claiming to be an employee of Telekomunikacja Polska.


This time, the potential victims receive a robocall that informs them about the end of their contract. The dobreprogramy portal quotes the content of the recording: “your phone contract is about to end, if you want to pay less for the subscription, press 1 to talk to a consultant, if not press 2”.


According to the portal, if you press 2, you will be redirected to an international call and incur considerable costs.
The portal gives a list of numbers that are better left unanswered: 734818156, 7348

Wednesday 30 September 2020, Safety Guide

New type of scam - internet grandkid

Lost24

Police officers from the cybercrime division warn against a new fraud based on the “internet grandkid”. The main targets are people using social networks and online banking.


As the police explain, the fraud is based on the use of social engineering and time pressure.
In the first step, fraudsters send out offers of financial intermediation or investment services via social networks, and taking up the offer is supposed to “bring” big benefits. After clicking on the advertisement, the victim is redirected to the login page of the fictitious company. For the application to pass successfully, the victim must pay any amount of mone

Lost24

Data Viper’s report reveals that cybercriminals have taken interest in one of the most popular online games in the world - “Fortnite”.


Cybercriminals use automated systems to analyze databases from various leaks for the possibility of breaking into “Fortnite” players’ accounts. They are able to analyze 500 accounts in one second.
The game makes its money on microtransactions for trading virtual items. Criminals are able to earn up to PLN 150,000 a week by trading stolen e-items.


It is very difficult to detect the perpetrators of thefts, as they create a network of fake connections and transactions are carried out using cryptocurrencies.



Lost24

If in May 2019 you were shopping in the sexshop.com.pl online store, your data may have leaked.
According to the Niebezpiecznik portal, the data of some of the customers of the shop with erotic gadgets and aphrodisiacs have been stolen.


A piece of the data is available online. According to the portal, the file weighs only 58 kilobytes and contains data from 200 orders. However, each record contains data such as: name and surname, email address, date and order ID, along with a description of the products ordered.


The store’s customers are unable to check if they have been affected because the file is not indexed in search engines.
Niebezpiecznik has confirmed that the customer data is real, and the persons

Lost24

Scammers have managed to carry out a SIM Swap attack by obtaining the SIM card number from the victim’s phone number. According to Polsat News, the fraudsters hijacked the victim’s online bank accounts and took out PLN 370,000 from them.


While the victim was talking on the phone, the connection was interrupted, and the victim’s attempts to remove and reinsert the SIM card did not work. The victim visited the mobile network provider’s store, where the SIM card was replaced with a new one. At this point the victim should have blocked the bank accounts as soon as possible, but was unaware of having become a victim of a SIM Swap attack.


How did they manage to carry out the SIM Swap attack?
A new SIM card was obtained by impersonating the vi

Lost24

Fraudsters advertise themselves on regional Facebook groups like “Ads Warsaw”, tempting people with sales of electronics at very attractive prices, such as iPhone 7 for PLN 13.


CERT Poland warns against fraudulent electronics offers on websites posing as Allegro Lokalnie. The equipment put up for auction is listed at very attractive prices. After clicking the “Buy now” button, the victim is redirected to a fake electronic banking panel. Cybercriminals obtain such data as the PESEL identification number or the mother’s maiden name.


According to the CERT, the targets of the attack are owners of accounts at the Millennium, mBank, Pekao, PKO and ING banks.



Tuesday 8 September 2020, Safety Guide

Phishing targeting Netflix users

Lost24

Recently, messages have been sent out in which fraudsters impersonate the Netflix platform. In the message we are informed that we need to update our billing details.


The message is confusingly similar to the Netflix notifications about payment problems: the blue and red color theme is preserved, as well as the structure of the notification. However, an attentive person will notice the wrong credit card number and expiry date.


After clicking on a link included in the email, the victim is redirected to a fake Netflix login page. The scammer’s goal is to capture as many Netflix login credentials as possible to then sell them on the black market. In addition, fraudsters try to obtain a sizable set of data, including first and

Lost24

mBank has had a serious mishap, as a result of which a group of clients could gain partial access to accounts of other users and browse their transaction history.


According to the Niebezpiecznik portal, existing mBank customers had their phone numbers changed, and new clients started to receive authentication messages intended for different users. Moreover, when logging in to the mobile app, new users could access the account history of different users, but with their own personal data.


It turns out that when a new account was set up in the branch, the bank’s system did not create new records but instead overwrote the existing ones. According to the portal, the error was probably related to comparing ID numbers, which the

Lost24

Cybercriminals have launched a new phishing campaign targeting customers of the courier company InPost.
Fraudsters send text messages in which the company name InPost is displayed in the sender’s field, but the name is spelled with a 0: “INP0ST”. The message states that the parcel which was “ordered” by the receiver has been placed in a parcel locker. However, in order to obtain the collection code, an application must be downloaded.


According to ESET experts, the link in the message leads to a page containing the phrase “inpost” or “in-post” and visually imitating the Google Play Store. If the person decides to download the application, they are asked to install a file from an unknown source. In fact, the v