The attack on users of OLX classifieds portal that we wrote about recently has been modified, possibly due to the spread of the described scam scheme on the web.

The Computer Security Incident Response Team of the Polish Financial Supervision Authority noticed that scammers on OLX are trying new methods, aimed at one thing - extorting money.

Until now, the attack consisted in sending the seller on OLX a link to a fraudulent website pretending to be OLX or a courier company in order to accept the receipt of money for the purchased item. On the website, the seller is asked to provide payment card details, there is also a request to provide credentials to the bank account, personal data such as PESEL number, mother’s maiden name, and in the next step a code from an SMS, which allows scammers to gain access to the seller’s account and clear it out.

The new campaign consists in sending a message on WhatsApp in which the sender is impersonating an OLX technical support worker. Scammers suggest that they know the person has been the victim of a scam and will help them recover the funds. The victim is sent a link, and the next step is to persuade the victim to transfer funds, which is to be a form of assistance to the police in locating the perpetrators. The conversation is conducted in such a way as to give the victim the impression that they are dealing with a professional. Fraudsters, just like last time, want to obtain the payment card details.

The Computer Security Response Team of the Polish Financial Supervision Authority shows screenshots of conversations with fraudsters, it is worth reading them to avoid unpleasant consequences.