Fraudsters are impersonating PKO BP again. Did you receive an SMS with points from the bank? Be careful

Phishing (i.e. impersonating a well-known company or institution) is the most frequently used fraud method. It involves arousing emotions in a potential victim and forcing them to react quickly. This is why fraudsters most often use intimidation or threats (e.g. closing the account, charging interest, etc.) to force people to click on the link.

They impersonate PKO BB. They offer points for redemption

This time it’s a bit different. In a new scam, which the KNF’s CSIRT team is warning against, fraudsters encourage people to click on a link with alleged collection points. “The PKO Points Service would like to remind you that on your current points account (3,022 points), please exchange the points immediately,” we read in the text messages sent to Poles’ numbers.

The sender of the message is, of course, not any “point service” of the PKO BP bank, and the content of the message itself raises considerable concerns. The fraudsters did not even bother to read the message they had created and correct the obvious error in the text. Instead, they added a link, which is a “gateway” to the entire scam.

The link leads to a website located at pkobppl.top, which is clearly intended to pretend to be the real website of PKO Bank Polski. It is worth paying attention to this aspect. Although the content of the link itself is similar to the bank’s original website (pkobp.pl), the cybercriminals’ website is located in the .top domain. Obviously, Polish banks use the .pl national domain.

The fraudsters’ websites traditionally refer visually to the PKO BP website. Criminals also use the bank’s logo to encourage people to receive “Reward points”. Of course, to claim the alleged prize, you must provide your details and payment card number. The fraudsters’ goal is, of course, to clear the funds on the card. “Be careful and verify the address of the website you are on!” – warns CSIRT KNF.