mBank has had a serious mishap, as a result of which a group of clients could gain partial access to accounts of other users and browse their transaction history.

According to the Niebezpiecznik prota, existing mBank customers had their phone numbers changed and new clients have started to receive authentication messages intended for different users. Moreover, when logging in to the mobile app, new users could access the account history of different users, but with their own personal data.

Turns out that when setting up a new account in the branch, the bank’s system did not create new records but instead overwritten the existing ones. According to the portal, the error was probably related to comparing ID numbers, which the

Cybercriminals have launched a new phishing campaign targeting customers of the courier company InPost.
Fraudsters send text messages in which the company name InPost is displayed in the sender’s field, but the name is spelled with 0 - “INP0ST”. The message contains information that the parcel which was “ordered” by the receiver was placed in a parcel locker, however, in order to obtain the collection code, an application must be downloaded.

According to ESET experts, the link in the message leads to a page containing the  phrase “inpost” or “in-post” and visually imitating the Google Play Store. If the person decides to download the application, they are asked to install a file from the unknown source. In fact, the v

Personal data of thousands of Polish employees of McDonald’s restaurant chain have been leaked online.

According to Niebezpiecznik, the leak was attributed to 24/7 Communication, the agency responsible for handling digital graphics for the employees of the popular fast food chain. The leak occurs as a result of files being placed in a publicly available, rather than a restricted folder. As a result, data of McDonald’s restaurant employees from the last five years was available to the public in the period from January 2019 to July 2020.

The data affected by the leak are: surnames and first names along with information related to employment, as well as PESEL or passport numbers.

There was a data breach from Avon Products, 19 million customer data records fell into the wrong hands.
As a result of the attack, some of the IT systems were disabled and company’s operations were disrupted.

Despite Avon’s reassuring announcements that credit card information should not be in possession of the cybercriminals, experts from SafetyDetectives believe that this is not the end of the company’s problems.
According to the AVLab, which cites SafetyDEtectives, the leak contained multiple logs that can be used to attack Avon Products customers and its IT infrastructure. The database contained personal and technical information, including: customer names and surnames with phone numbers, dates of birth, addresses o

Fraudster has obtained data by listening to police communications channels during the control of people undergoing quarantine.

First he obtained data such as names, surnames and residential addresses, he then knocked on the door of these people claiming to be an employee of the Department of Health and Safety. He informed that he had to take a swab for coronavirus testing, in addition, the victim was to fill in the form, providing the PESEL number and the ID number.

Data obtained through the scam can be used to defraud the loan. According to Gazeta Wyborcza, citing data from the Polish Bank Association, a total of 5,100 loan extortion attempts amounting to over PLN 280 million were initiated in 2019.
In the

Fraudsters pretend to be employees of the Ministry of Development and try to extort money and personal data using the Polish Tourist Voucher.

According to the police and the Social Insurance Institution (ZUS), fraudsters call with an offer of a few days’ stay in good hotel, as a part of the “special offer for a vacation voucher”, the victim is to have 3 days of stay for free, for the extra 4 days an additional payment of several hundred zlotys should be made. Fraudsters also try to obtain information about the victim’s personal data. For verification, they ask for PESEL and ID card numbers.

ZUS reminds that the official travel voucher is only available in an electronic version and can only be activated on the ZUS Elec

As a result of a hacker attack, the production line and synchronization of Garmin watches and bans were stopped.
Device owners are not able to see their workouts and other device parameters. Garmin Connect is down now for several hours, as a result of which users of smart devices cannot send their data for synchronization.

According to the information provided on the company’s social media, the website and Garmin Connect app are down, call centers are also not working, it is also impossible to contact the company’s employees via email or chat.

According to the Taiwanese ITHome website, the WastedLocker ransomware is the culprit here, which was installed by hackers from Evil Corp group on Garmin’s servers. Garmi

SMS scam is already quite common, we have written more than once about it - how fraudsters impersonate courier companies or mobile providers. This time, in addition to wiping money from the account, the fraudsters also took out a loan of 16,000 PLN on behalf of the victim, and malware was probably included in the SMS.

According to the portal legalniewsieci, the victim received an SMS from a “courier” regarding a surcharge for the parcel due to an overweight. The victim then clicked on the link provided in the message, from which it was redirected to a fraudulent PayU website, where an error appeared after selecting the ING Bank Śląski bank and entering the login details. The operation was interrupted and the victim received a text message from the

Despite the fact that since the introduction of PlayProtect in the Google Play Store the amount of malware has significantly decreased, experts from PREBYTES Security Incident Response Team have detected dangerous Cerberus malware in one of the applications.

It was the Best Cleaner app that required permissions to access photos, multimedia, make calls or access files on the phone during installation. If the consent was not given, the application could not be used.

Clicking the “Start Cleanup” button in the application initiated the attack. The application required the installation of an additional plug-in, for this purpose, the option to allow installation of apps from unknown sources had to be enabled in the device setti

You can find advertising “Biedronka: Take everything you want in 10 minutes” on Biedronka Polska profile. Both the profile and the post have nothing to do with the Biedronka store chain.

According to Dobre Programy, many people have been deceived by the advertising slogan above.
Post includes a link, where the victim is asked to complete a Google survey, which allegedly represents the first stage of the competition. Following the first stage the qualification for next stage is supposed to take place.

In the second stage, the victim learns that, in fact, it is no longer a contest for “Take everything you want in 10 minutes” but instead a 500 PLN voucher. In order to participate in the competition, you must pro

Cybercriminals are trying to extort money by impersonating Allegro, the victim may also lose login credentials for the portal.

According to the Zaufana Trzecia Strona, the victim receives a message informing that the account needs to be verified and for this purpose the account should be activated using the online payment in the amount of PLN 1.01. In addition, the recipient of the message is assured that the entire amount will be returned to the account within 3 business days, once the registration data has been verified. According to the Zaufana Trzecia Strona, the sender is admin@allegro4.pl, and the amount of  PLN 1.01 is based on the amount used in the actual Allegro account activation process.

The activation li

Allegro portal was once again used by cybercriminals, this time scammers send messages posing for those sent out by Allegro.
Potential victims are owners of Android phones that receive text messages that redirect to allegroapki.net. The goal is to trigger a download of Cerberus family malware application.

According to CERT, after installing the malware, cybercriminals have access to contacts, text messages and saved payment data stored on the phone.

Cybercriminals have launched a new phishing campaign that uses Facebook’s brand. Fraudsters mislead Facebook users by tricking them into opening an alleged updated privacy policy.

The potential victims are intimidated by a warning that unless they accept updated policy, their account will be suspended and then irrevocably deleted.

According to CERT Poland, the goal of the fake emails is to download Anubis malware to android. After installation, cybercriminals have full access to contacts, text messages, saved payment details and make phone calls on the infected device.

Beware of fake phone bills, cybercriminals are impersonating Play’s mobile network, once again.
Fraudsters send “invoices” with a phone bill, the message includes an Excel file, that once activated, installs Zloader malware on the device.

According to CERT Poland, Zloader will then attempt to install the Zeus banking Trojan on the device. Trojan can steal credentials used for your online banking.

The content of the message should raise suspicion in the person that receives it, due to the fact that it does not contain Polish characters, as well as the fact that customers of Play network can find their invoices in the client’s panel on the website or in the application.

Scammers are attempting to trick people into installing malicious application by impersonating InPost. If you receive an SMS in which 0 appears instead of “o” in the InPost name, beware of fraud.

Fraudulent SMS are signed as “INP0ST” and suggest that we will not receive a package collection code without downloading a new application.

According to Niebezpiecznik, after activating the link we are transferred to the page where users are prompted to download the application in order to receive a package collection code. We receive information that after downloading the app, we will automatically receive a text message on the device. In fact, we’re being tricked into downloading malicious .apk file.

<