Cybercriminals do not take time off and for years they have been successfully flooding the Polish Internet with massive phishing attacks (impersonation of well-known brands). This time they decided to use an old, but apparently still very effective way of fraud, impersonating Allegro.
A new scam targeting Allegro customers
Like a shopping platform, cybercriminals send messages to Poles with “notification of account suspension”. In the e-mail we read that there was an error in the “billing data” that caused the suspension of the Allegro account. Scammers assure that the blockade can be instantly removed in just “two steps” – all you need to do is update your “billing data”. After clicking on the link, the victim is redirected to a crafted website, where he is asked to provide login details for Allegro and electronic banking. The aim of the scammers is, of course, to take over the account on the site and steal funds from the victim’s bank account.
Both the website and the message from the scammers are fake and contain stolen shopping platform logos. Criminals used a well-known and proven phishing method here, threatening with imminent account blocking and the risk of no access to their orders. In the e-mail, they even threaten that in the event of refusal to provide data, Allegro will be forced to permanently suspend the account. Some people may therefore act impulsively and provide sensitive information to scammers. Allegro warns that it never threatens to block or delete an account in connection with updating any data. Messages similar to this were sent to Polish Internet users already in March this year, but this is only one of many fraud methods that have been used in recent days.
Cybercriminals are hunting Allegro customers. Sometimes a stick, sometimes a carrot
In late April, two other scam schemes surfaced. fraudsters impersonated Allegro, claiming that due to the update of the regulations, the website was forced to re-accept the rules. In order to agree to the changes, it was necessary to go to the cybercriminals’ prepared website and provide their login details. Otherwise, the account was to be blocked. In , instead of a stick, the fraudsters decided to use a carrot and offered a “loyalty bonus” for using the site (and not a small one – almost PLN 660). Of course, in order to collect a fictitious bonus, you had to enter your login details on a crafted website.
Source: Gazeta
Mabel is a talented author and journalist with a passion for all things technology. As an experienced writer for the 247 News Agency, she has established a reputation for her in-depth reporting and expert analysis on the latest developments in the tech industry.
