Tuesday 10 August 2021, Safety Guide

Malware - Windows 11

Lost24

Cybercriminals have taken advantage of access to test builds of Windows through the Windows Insider Program channel. According to Kaspersky, more and more people are downloading and installing an application posing as a Windows 11 installer, which is in fact camouflaged malware.


According to Kaspersky’s malware experts, it contains a file whose size matches that of the Windows 11 installer (1.75 GB) and whose name, 86307_windows 11 build 21996.1 x64 + activator.exe, matches the actual Windows 11 build number. However, there is a catch: the file contains a single DLL file that is tasked with downloading another file. This file then displays the “License Agreement” dialog box, whose summary states that “sponsored applications” will be installed on the compu

Lost24

Pegasus is software used by government agencies in multiple countries that allows them to take control of almost any smartphone. For this purpose, it is sufficient, for example, for the phone to receive a message sent via the WhatsApp messenger. Pegasus is marketed by the Israeli company NSO.


According to the Niebezpiecznik website, journalists from Forbidden Stories and Amnesty International have obtained a list of 50,000 personal phone numbers from around 40 countries that were targeted by Pegasus.


Unfortunately, Pegasus has not been used only for fighting criminals: the obtained list includes journalists, activists, businessmen, academics, government officials and lawyers who are inconvenient for individual countries.


Lost24

In order to encourage Poles to get vaccinated against COVID-19, the government has organized a lottery, and from July 1st, 2021, vaccinated people can take part in the draw by registering on the patient’s online account or via the hotline, a fact that fraudsters will certainly not miss.


According to Computer World, phishing campaigns based on the National Vaccination Program Lottery should be expected soon. According to the gov.pl website, winners are to be informed via SMS from the number marked as “Lottery”. After receiving the information about winning, go to the lottery website and check whether your details (masked phone number, first name, first letter of the family name) are on the list of winners. The lottery pr

Sunday 25 July 2021, Safety Guide

A new type of scam on OLX

Lost24

Until now, the scam scheme on OLX was based on sending messages to the victim via the WhatsApp messenger. CERT Orange Poland warns against a new pattern of fraud.


Scammers send an email that looks credible: it contains the correct OLX logo, as well as official-sounding content. By sending an email from the olx-alerts.com domain, scammers inform the seller that their item has been purchased and that the sale must be confirmed within 24 hours. To do this, the seller must click the “confirm order” button included in the email, after which they will be redirected to the OLX partner’s page - InPost / Poczta Polska.


According to the CERT, all links but the last contained in the message lead to the actual subpages on the OLX webs

Lost24

Fraudsters send fake messages to Millennium bank customers regarding the receipt of a wire transfer.


The message concerns the confirmation of a transfer for a high amount. The message is accompanied by an attachment in the form of a PDF that is supposed to contain the invoice for the received transfer.


According to the Computer World portal, the attachment contains an ISO image with Ave Maria malware in it.
Ave Maria is a Trojan that allows cybercriminals to remotely execute code on the victim’s device. It can be used as a keylogger to intercept passwords entered when logging into a bank account or a social network.


Remember not to rashly open links attached to the messa

Lost24

In the Public Information Bulletin of the Warsaw City Hall, there was information about the data of property owners being sent out in an email by mistake.


Content of the message:
“The Mayor of the Capital City of Warsaw informs that we mistakenly sent to unauthorized persons the numbers of land and mortgage registers, which are included in the real estate price registers. The security incident consisted in the fact that the IT system operated incorrectly and generated a list containing unnecessary, redundant information - land and mortgage register numbers”.


Attached to the above message was an inventory of real estate, which was sent to four recipients on May 27, June 27 and June 29, 2021. The first three me

Lost24

A new phishing campaign has been launched, in which criminals send a text message suggesting that the recipient has a pending voice message.


According to CERT Orange Poland, the SMS contains only the text “New voicemail” with a link. Be careful, because the link leads to software from the Flubot family. Flubot is responsible for the overlay attack. This type of attack is based on activating an overlay while the victim is using the banking application, in order to intercept login data and the SMS with the authorization code.


Flubot malware is also able to send SMS messages to the victim’s contacts to continue the spread.



Lost24

Antivirus software company Avast warns against downloading illegal copies of games. According to the company, cryptocurrency mining malware is hidden inside the games.


The name of the malware, “Crackonosh”, refers to the Czech Republic, as there are suspicions that its creator comes from there.
Games that may contain the malware are NBA 2K19, Grand Theft Auto V, Far Cry 5, The Sims 4 and Jurassic World Evolution. Crackonosh is able to disable multiple antivirus programs and, by using the computing power of the infected equipment, it enables cybercriminals to illegally mine digital currencies.


According to the portal dobreprogramy, citing an analyst from Avast, Crackonosh attacks up to 800 devices a day, and at the momen

Lost24

Volkswagen has reported a possible leak of the data of 3.3 million Volkswagen and Audi customers. The leak occurred as a result of improper security of the service provider’s database.


According to the cited information, the database was not protected for almost two years, and the data included customers from 2014-2019. The data that reached the network, in particular the authorized dealers from the USA and Canada, included information on the method of financing cars, registration numbers and VINs. In addition, as the manufacturer informs, the data included personal data of customers, potential buyers, residential addresses, email addresses and phone numbers.


In case of US and Canadian customers, the leak may also include i

Lost24

Santander Bank struggled with a failure: customers were charged 100 times more from their accounts than the actual payment.
Downdetector was flooded with reports from affected customers, who complained about the excessive blocking of funds. For example, instead of PLN 13.37, the amount was PLN 1337.


According to dobreprogramy, there were relatively few reports, but not everyone could immediately notice the current account balance.


The breakdown started before 15:00 and was fixed at 21:40. In the issued statement, the bank informed that incorrect, higher amounts blocked on transactions with payment cards were automatically lifted. The problem concerned less than 1% of transactions executed by the bank

Lost24

The UNIQA company, the owner of AXA, sent emails without using the BCC (blind carbon copy) field, revealing the data of 1000 customers in each email. As a reminder, the BCC option allows you to send messages to multiple recipients while preventing the disclosure of sensitive data: recipients cannot see each other's email addresses.


According to the Niebezpiecznik portal, UNIQA first sent out emails revealing the data of 1000 customers in each email, and then revealed the same data again, as the “email cancellation” mechanism was used.


The message concerned information about the change in the terms and conditions of using the PPK online service for the Employing Entity. It should be noted that the message recall feature

Lost24

Fraudsters send fake text messages pretending to be from PGE, Polska Grupa Energetyczna. They threaten to disconnect the electricity due to arrears of a few zlotys.


In order to settle the arrears, one needs to click on the link attached to the SMS message.


According to the Niebezpiecznik portal, messages are sent from multiple numbers and direct to various links, which are redirected through the cli.co domain. The website the victim visits poses as PGE’s website and redirects to a fraudulent payment gateway. Depending on the bank chosen, the theft of funds takes place via BLIK or an attempt to intercept personal data (PESEL, mother’s maiden name) used to connect the mobile application to the appropriate acco

Monday 7 June 2021, Safety Guide

Fake WhatsApp and Anubis malware

Lost24

CERT Orange Poland warns against a fake version of the WhatsApp application for Android phones. The installation file is whatsapp.apk, and the Anubis malware is hidden within it. Anubis is a banking Trojan that appears most frequently on malicious websites. However, there have also been cases where it could be downloaded from the Google Play Store by downloading additional content.


As reported by the dobreprogramy portal, Anubis malware runs in the background and also hides its application icon. It is able to record all data entered on the phone’s keyboard and to intercept text messages and calls. This, of course, is how cybercriminals hijack your online banking credentials.


As suggested by CERT, cybercriminals wanting to increas

Lost24

In order to take out a loan, you usually need to present your identity card in addition to your personal data and PESEL identification number. The Niebezpiecznik portal, using the example of one of its readers, shows how a fraudster can take out a loan based on publicly known data.


The reader of the portal found out through a notification from the Credit Information Bureau that someone had taken out a loan in the amount of PLN 5,000 in his name via the SuperGrosz.pl loan service, which is run by the AIQLabs company. The downloaded report shows that the reader’s data had already been verified at the beginning of this year by AIQLabs.
On the SuperGrosz.pl website, the final verification of the borrower takes place at the agency of Polish Post or Po

Lost24

A woman from the United Kingdom lost GBP 9,000 after scammers created a fake advertising campaign using the image of a famous person: Elon Musk, owner of Tesla and SpaceX.


The deceived woman came across a specially crafted BBC website, from which she found out about the said campaign. The advertising campaign assured that after making a deposit in bitcoin, a payout of double the amount would be made. After realizing that she had been defrauded, the victim immediately contacted her bank. However, the money was no longer recoverable, as the transaction had been made voluntarily.


According to the Ladbible portal, the BBC has taken steps to close the fraudulent website.