The pre-holiday period is associated with increased shopping, which has been used by cybercriminals. CERT Poland warns against fraudsters pretending to be the InPost shipping company.

Scammers send text messages prompting users to download an app from a fake InPost website. The link included with the message leads to a fraudulent Google Play Store website.

In fact, the victim downloads Cerberus malware, which enables them to steal funds from payment cards and take complete control of the device.

According to CERT Poland, the malicious domain in the received text message is inposted[.].com. Meanwhile, the sender of the message is “ACM”.

If you have received a suspicious SMS, it

Fraudsters send SMS messages to fake payment forms, which are supposed to let users receive money for the goods purchased on the OLX classifieds website.

One of the readers of the dobreprogramy portal has been informed about a suspicious SMS message, which informed about the sale of goods using the OLX website and that if the seller wants to receive the amount due to him, he must use the attached link.
Content of the message: “Your goods are sold using the OLX website. The amount to be collected is PLN 1200: cutt.ly/GhxygVH”. If the portal’s reader would have decided to “collect money” and have found a fabricated form asking for the payment card or online banking login details, he would have an unpleasant surprise due to the loss of m

Data of customers with insurance policies concluded with various companies were available online without any additional security. The leak concerned policies within a period of 5 years from May 2015 to November 2020.

According to the Niebezpiecznik porta, the leak included names, PESEL identification numbers, photos of vehicles, tests of health insured persons, and even electronic versions of policies with the entire data package.

The data concerned clients insured through Ent Broker. According to Niebezpiecznik, dozens of directories with documents concerning the company were publicly available on the server, along with a customer policy folder, which contained 555 subdirectories, each of them related to one customer.

Fraudsters send SMS messages to fake payment forms, which are supposed to let users receive money for the goods purchased on the OLX classifieds website.

One of the readers of the dobreprogramy portal has been informed about a suspicious SMS message, which informed about the sale of goods using the OLX website and that if the seller wants to receive the amount due to him, he must use the attached link.

Content of the message: “Your goods are sold using the OLX website. The amount to be collected is PLN 1200: cutt.ly/GhxygVH”. If the portal’s reader would have decided to “collect money” and have found a fabricated form asking for the payment card or online banking login details, he would have an unpleasant surprise d

Cybercriminals attacked one of the largest Polish online stores, CoffeDesk, selling coffee along with accessories.

As a result of the attack on IT systems, some of the store’s services were unavailable. In the store’s press release, we can read that third parties have gained access to the store’s server as well as the data located on it. CoffeeDesk ensures that user data is neither lost nor exported. The store ensures its customers that payment card details have not been tampered with. However, the store recommends that all its customers change their password for online store, as well as email, online banking and social media.

On the CoffeDesk website, information has been posted that customer login data have been deact

PKO BP Bank has issued a warning message in which it warns against fraudsters posing as the bank’s employees. Under the pretext of security reasons, scammers trick potential victims into submitting confidential data to online banking and installing a remote verification application.

PKO BP Bank reminds its clients that during a phone call bank employees do not ask for passwords to any of its services, i.e. online, mobile, phone and they do not ask to install additional software from the Google Play Store, such as TeamViewer, QuickSupport, AnyDesk, which claim to increase the level of security of operations or access to the website.

Remember that the fraudulent data can be used for unauthorized transactions on your bank acco

The upacjenta.pl website, which offers medical services at home, has informed about a hack into their information and communications services, specifically access to the database of the RIOT Agency, which is the service provider.

As a result of the hack patient data was leaked, such as: personal data along with PESEL identification number, information on health (diseases, test results), contact details.

Customers have been informed about the risk of data theft, and the owners of the website conduct activities together with the Office for Personal Data Protection. However, it was not stated how many records were intercepted by cybercriminals.

Experts from CERT Poland warn against a campaign organized by fraudsters who want to obtain login details to the Allegro portal.

The scam concerns the attractive sale offers for iPhone X on Facebook social network. The cost of the phone is one thousand PLN.

The scammers explain such an attractive price as the last item in stock.
The link in the ad leads to a website that visually resembles the Allegro platform. The person who will try to log in on the fake portal page will provide the credentials to fraudsters. 

Experts from CERT Poland warn PKO BP’s clients against a campaign in which cybercriminals try to obtain login details for online banking.

The bank’s customers receive emails with information about the account being blocked. In order to restore access to the account, the victim has to click on the link included in the message, which leads to the fake website of the PKO BP bank.

According to CERT, the potential victim is asked to log into his account, in fact, the data is transferred to cybercriminals. In the next step, the fraudsters will try to intercept an SMS code from the victim in order to change the transfer authorization number.

The entire campaign is conducted in such a way tha

Experts from CERT Poland warn against scammers pretending to be InPost. Fraudsters send messages in which they inform them about the required payment, surcharges for a parcel that is already “waiting” in a parcel locker. In fact, scammers want to extort login details for online banking from potential victims.

According to CERT Poland, fraudsters also use the image of the eCard company through a specially fabricated payment form. If the victim enters their bank login details on the form, they will unknowingly pass them directly into the hands of cybercriminals. A potential victim should be concerned about a redirect to .uno and .life domains, which are in no way related to InPost.

According to CERT Poland, the above mentio

Apps dedicated to children that ran on Android devices stole data.

According to the experts from TechCrunch, Google has removed three well-known applications with more than 20 million downloads from the Google Play Store - Princess Salon, Number Coloring Cats & Cosplay.
Google has removed these applications after analyzing a report compiled by the IDAC organization.

Apps collected Android ID data and personalized advertising identification (AAID) data.
According to the portal dobreprogramy, when information from Android ID and AAID are processed simultaneously, Google’s security mechanisms can be bypassed.

The OLX portal has recently introduced a new feature in the field of transaction processing, namely a payment system, therefore, as expected, it will be used by fraudsters.

Fraudsters try to obtain the payment card details from the website’s users. They contact the victim via isntant messaging services such as WhatsApp or Facebook Messenger by sending them a link to a fraudulent page posing for the OLX payment site in order to complete the transaction. The fake page displayed the process of ordering shipment, in order to pay for the courier service, you must provide your personal data, payment card number and security code.

CERT Poland has placed the fraudulent website on the warning list. Remember to carefully inspect the

Experts from CERT Poland warn of a phishing campaign targeting Netflix users. Fraudsters send fake emails telling you to update your payment details.

They inform users about the suspension of the account, the message includes a link that takes them to a fraudulent page, the purpose of which is to obtain login credentials and payment card details of the service subscribers.

According to the CERT, cybercriminals often use the domains resembling a real address, such as www [.] Netflix [.] Pl [.] Rsga [.] Rw.
If any of you have clicked on the link you should block your payment card as soon as possible and change your Netflix login details.

More than 200 fake applications in the Google Play Store were detected by experts from the White Ops Satori Threat and Research Team. The number of downloads is quite large and amounts to 14 million.

As experts inform, the applications were mainly copies of retro games or Nintendo NES emulators.

People who downloaded fake applications were flooded with out-of-context (OOC) ads. All rogue applications that were categorized under RAINBOWMIX group were removed from the Play Store. The creators of the fake applications have managed to place them in the Play Store thanks to the low detection rate by using the so-called packers. According to the dobrepragramy website, thanks to the use of a packer, part of the downloaded content re

Experts from CERT Poland warn against fraud related to the advertisement posted on Facebook, suggesting the possibility of getting money by updating the PKO BP application. The advertisement is not related to the official bank’s activity, and its purpose is to steal money from the victim’s bank account.

According to CERT Poland, the person that decides to download the alleged update is actually downloading malware from the Alien family related to Cerberus. The purpose of the software is to steal your online banking login details, and this to withdraw funds from the account.

At the moment, it is not known whether the fraudsters only targeted the PKO BP bank in their advertising or created similar fake advertising campaigns