Sunday 28 March 2021, Poradnik bezpieczeństwa

A wave of attacks targeting OLX users

Lost24

Niebezpiecznik portal warns against the growing wave of attacks targeting OLX users. Niebezpiecznik claims that the problem has grown to a scale that has not yet been seen on the Polish Internet.


The attack is based on pretending to be a buyer and obtaining the payment card number from the seller along with other data under the pretext of receiving payment for the purchased product.


Scammers communicate with the buyer via OLX or ask for an email address to which they send a fake message pretending to be the classified ad service. There is also an option to call back via WhatsApp messenger if the seller has provided a phone number in the listing.


In the next step, scammers send a link to the fake website impersonating OLX or a courier company and inform the seller to accept the receipt of money on it. On the website, the seller is asked to provide payment card details, there is also a request to provide credentials to the bank account, personal data such as PESEL number, mother’s maiden name, and in the next step a code from an SMS, which allows scammers to gain access to the seller’s account and clear it out.


In order to authenticate the transaction, sites fabricated by fraudsters include information on the items the victim is selling. Fraudsters also send out posters and documents that imitate official OLX documents confirming that this form of payment for the transaction is correct and secure. Scammers also generate fake transfer receipts.


Niebezpiecznik warns never to give your payment card number in order to receive money. Remember that providing your payment card number only means that someone is going to withdraw funds from it.
According to the portal, recruited Russians and Ukrainians are behind the attack on OLX, looking for a quick income.