Clients of Bank Polskiej Społdzielczości (BPS) S.A. receive fraudulent messages with notices of received transfer.
According to CERT Poland, a link confirming the transfer is attached to the message. The fake message originated from the cobra-europa.eu domain, fraudsters inform in the message about the money transfer of over PLN 70,000 as well as inform who the sender of the transfer is.
According to Komputer Świat portal, as usual – clicking on the link leads to the ISO image, inside which the .exe file is located. Opening the file leads to the installation of malicious software called FormBook / Xloader.
Malware is capable of stealing data from the victim’s device. Remember, if you ever receive this type of message it is best to delete it.