Monday 7 January 2019, Safety Guide

Scam aimed at Polish internet users

Lost24

The post-holiday sales period encourages people to hunt for deals and make their purchases online. For some time now, Polish internet users have been exposed to an attack based on an additional payment for shipment. Most often, criminals impersonate courier services, and the victim may receive a text message purporting to come, for example, from InPost.


According to Niebezpiecznik, one example of such a text message contains information about an additional payment of PLN 1 or 2, which the victim has to pay in order to receive the goods. The message, of course, contains a link to a fake DotPay website. At this point, if the recipient of the SMS provides his login and password for the banking service, there's a nearly 100 percent chance that he will lose money from his account.

Lost24

Cybercriminals have created websites that deceptively resemble Google and Yahoo, all in order to attack human rights activists.


Amnesty International reports that hundreds of these activists received e-mails in which cybercriminals impersonated e-mail providers. In this way the hackers wanted to extort passwords and the tokens necessary for two-factor verification.


The same hackers have also attempted to trick users of ProtonMail and Tutanota.


Chip emphasizes that social engineering is one of the most effective attack vectors for hacking attempts aimed at extorting access to users’ sensitive data. One example of this may be the November breakdown of Goog

Lost24

The online retailer morele.net has reported a leak of its clients’ data. According to the store, hackers obtained the data between the 17th and 18th of December, and it includes clients’ names and surnames, along with e-mail addresses, telephone numbers and hashed passwords.


morele.net secured its databases after detecting the attack and informed the Office of Personal Data Protection.


If you are affected by the hack, you should change your morele.net password as soon as possible, as well as those for other websites where you used similar login details. Luckily, clients’ credit card details are secure, as the store did not collect such data.



Lost24

Owners of Android phones who have installed the Optimization Android app on their devices in order to optimize battery performance are at risk of sensitive data theft.


The app contains a mechanism that bypasses two-factor authentication. As a result, victims are exposed to theft of login data for applications such as WhatsApp, Gmail or Skype, as well as PayPal account details or credit card information.


According to Cyberdefence24, if the victim activates the “statistics” feature built into the app, he will be forwarded to a PayPal site that requires verification. After filling in the required data, the user receives an authorization code, which might end up costing him as much as EUR 1,000.


Lost24

The consulting company Dr. Shifro has exploited its clients by claiming that it can bypass the encryption of files made with some ransomware. The service they offer would be quite a feat, given that there are no decryption keys available for the Dharma/Crisis type of ransomware.


According to Check Point, Dr. Shifro instead contacted the creator of the ransomware in order to decrypt the victim’s files, paid the intended ransom amount, and then charged its clients a commission of as much as USD 1,000!


Check Point predicts that the number of companies offering similar services may increase quite rapidly, because this type of business model is a fantastic get-rich-quick scheme.

Lost24

People who installed the Fitness Balance or Calories Tracker apps on their phones were at risk of losing money from their bank accounts.


Both apps were “designed” to measure BMI, monitor calorie intake or encourage users to drink more water, but in fact they used the fingerprint scanning function to steal money from users.


According to posts on reddit.com, the applications encouraged users to scan their fingerprint to personalize their diet and measure calories. After the scanning process, the user was shown a payment pop-up for the amount of USD 99.99, 119.99 or EUR 139.99. If the Apple account had a credit card linked to it, the user could inadvertently confirm the payment with the fingerprint.


Lost24

Cybercriminals are impersonating Poltrans, a popular company, with an e-mail containing a link to an alleged invoice.


According to CERT Orange Polska, the link points to malware. If the victim activates the link, the malware tries to steal bitcoin wallets and login data for FTP servers, and installs a keylogger.


As indicated by CERT, the malware downloads and executes a file from the hxxp://iipko.eu/imup.exe address, which may indicate preparation for a phishing attack.




Wednesday 5 December 2018, Safety Guide

Phishing attack aimed at ING bank clients

Lost24

Internet users’ mailboxes were targeted with e-mails, allegedly from ING Bank Śląski, notifying them that their accounts had been frozen. The alleged reason for the freeze was hacking, and in order to unlock access to the account the user had to verify it by clicking on the provided link.


After clicking the link, the victim was forwarded to what appeared to be the bank’s login page. Unless he realized that it was actually a fake page, in the next step he was asked to provide the full password for the banking service. At this point, the cybercriminals used the login information provided by the victim on the real ING site, while the victim saw a “Please wait” message on the screen.


Thanks to this criminal can d

Lost24

Usually smartphone owners struggle with malicious applications that steal the content of text messages or contact lists. This time an application spotted by the Niebezpiecznik portal scammed iPhone users in a clever way. According to Niebezpiecznik, the app used a so-called “black pattern” to scam users of Apple’s phones out of a hefty sum.


To increase the number of downloads, the cybercrooks used an Instagram ad in which the app was described as a calorie counter. All the user had to do was take a picture of his meal and the app would count its calories. There was only one catch: during the “scanning” process the user had to place his finger on the Home button. If we wanted to get dietary prescription we had to hold our finger on Home b

Lost24

Users of Allegro are increasingly becoming targets of attacks. The newest of them, apart from typical phishing attempts, include one in which scammers impersonate Allegro staff.


The victim is led to believe that he has been granted a refund of PLN 1000 in the form of a voucher, as part of Allegro’s “policy”.


Here’s the content of the email:
“Hello (recipient’s address here)
In accordance with our policy we have granted you a refund in a form of a voucher for PLN 1000 to be spent in Allegro website.
Your coupon is in the attachment!
We are waiting for you!”


The “voucher” can be found in the attachment to the message. Accordin

Lost24

Cybercriminals are using increasingly sophisticated ways to con as many people as possible with a Premium Rate SMS.


According to Niebezpiecznik, someone in Poland is trying to pull off a Premium Rate SMS con without attracting the attention of UOKiK (local equivalent of OCCP). At first glance, the Filmfilmy.pl website contains only YouTube trailers and their descriptions. If, however, we enter the site through a Google search ad, meaning the address will contain the gclid parameter (Google Click ID), we will be presented with not only a trailer but also a full movie.


However, you need to pay with a Premium Rate SMS. At this point the victim might think that watching a movie costs only PLN 0.31, but the grey fine print mentions th

Thursday 22 November 2018, Safety Guide

Another OLX discount code scam

Lost24

For some time now, the editorial team of Niebezpiecznik has been receiving worrying signals about an OLX scam in which users are tempted with discount codes.


Victims are told by the seller that, in order to increase the security of the transaction, the purchase needs to be carried out through an online store. At this point the scammers provide victims with a website address along with a discount code.


Of course, the online store hosted at Pinamo.pl is fake, and according to Niebezpiecznik the account to which victims transfer money is either a money mule’s account or is tied to some sort of cryptocurrency exchange.
Victims baited by an additional discount that decide to purchase through the

Saturday 17 November 2018, Safety Guide

Free bitcoin on Twitter?

Lost24

Cybercrooks have used the well-known name of billionaire Elon Musk to trick Twitter users into paying them in bitcoins. To carry out the attack, they hijacked multiple verified Twitter profiles, disguised them as profiles of the eccentric billionaire, and later posted a message saying “I’m giving 10 000 Bitcoic (BTC) to all community! I left the post of director of Tesla, thank you all for your suppoot”.


If any user attempted to receive his “free” bitcoins, he had to undergo “verification” of his bitcoin wallet by paying an amount of 0.1 to 1 BTC to the designated account. The cybercriminals are reported to have collected up to $170,000 this way.


Twitte

Tuesday 13 November 2018, Safety Guide

Scammers impersonate DHL Express

Lost24

Users’ mailboxes are being hit with spam in which scammers impersonate the DHL Express courier service.


According to AVLab, the subject of the message gives the shipment number and implies that it is an international shipment – “DHL Customs Agency – Shipment No. …”. Later, users are informed that the courier has already made an attempt to deliver the package and are asked to make a payment.


The message contains no attachment; instead, malware is delivered through a hyperlink to the site hxxp://dr-dastmardi.ir/bxicnv/rwzmevq.php. If the recipient of the message decides to click on the provided link, a ZIP archive will be downloaded.


Experts from the AVLab have iden

Lost24

Internet security experts from Marken, the company distributing the Bitdefender antivirus software, warn against cybercriminals impersonating system administrators.

According to the researchers, an unknown group of hackers has sent e-mail messages to numerous victims from the cborges@inea.gob.ve address in an attempt to extort e-mail inbox data.

In the message, the scammers inform the users that their inbox has exceeded the limit of storage space set by the administrator. They try to intimidate the victims by saying that they will not be able to send and receive any messages if they do not verify their e-mail inbox data once again. In reality the cyber criminals want to extort sensitive login information from the victims, such as: the users