Internet users have been receiving e-mails informing them about the possibility of claiming a tax refund. This scam is particularly dangerous considering that its victims may lose all the money from their bank accounts. This time, the scam has been targeted at clients of PKO BP.

The e-mail purports to come from the Polish Ministry of Finance. The victim is assured that they are eligible for a tax refund following the last calculations of their fiscal activity. To claim the refund, the victim needs to file a tax refund claim form, which is attached to the e-mail.

If the attachment is opened, the computer becomes infected. As a result, when the user tries to access the PKO BP website, they are redirected to its spoofed version. If the user does not notice that the fake banking website does not use the SSL protocol and attempts to log into their account, they automatically send their information to cybercriminals. The victim is subsequently asked to enter a text message verification code – at this point, instead of receiving their tax refund, they have their bank account emptied.