Experts from CERT Poland warn PKO BP’s clients against a campaign in which cybercriminals try to obtain login details for online banking.

The bank’s customers receive emails with information about the account being blocked. In order to restore access to the account, the victim has to click on the link included in the message, which leads to the fake website of the PKO BP bank.

According to CERT, the potential victim is asked to log into his account, in fact, the data is transferred to cybercriminals. In the next step, the fraudsters will try to intercept an SMS code from the victim in order to change the transfer authorization number.

The entire campaign is conducted in such a way that most recipients should be aware of the scam, the email is written in broken Polish, and the link in the message takes you to the ipko-securpl[.]com website.