The period around Christmas is a time when – busy with other things – we become a little less careful. This, of course, is what fraudsters are trying to take advantage of by flooding us with another wave of scams. Now criminals are targeting the clients of the largest bank in Poland (once again).
Fraudsters again impersonate PKO BP
This time, the Computer Security Incident Response Team of the Polish Financial Supervision Authority (CSIRT KNF) is warning against another wave of fraud using the image of PKO BP. On a specially crafted website, fraudsters urge you to install an application pretending to be the PKO bank’s mobile application.
The website appears to be a careful counterfeit: it not only praises the advantages of using the app, but also contains detailed instructions for installing it on the mobile device. Because the rogue program is (fortunately) not available in popular app stores, the scammers explain exactly how to carry out the installation, granting the app very high privileges and enabling the installation of programs from untrusted sources. By following these instructions, the user unknowingly bypasses the phone’s security and installs the malware on the device.
It is worth noting that the graphic design of the website has been forged with surprising precision, which may further mislead unsuspecting Internet users. According to specialists from the KNF cybersecurity team, the malicious application is in fact trying to intercept login passwords entered on the screen of an infected smartphone.
Once again, they impersonate PKO BP
This is yet another recent wave of scams using the image of PKO BP. A week ago, the bank warned against e-mails from fraudsters in which recipients were urged to click on an attachment containing malware under the pretext of an alleged need to confirm an operation.
Earlier in December, the bank also warned against fake SMS messages allegedly from couriers and links to malicious websites sent by non-existent customers of online sellers. The criminals' method is similar in each case: they try to exploit an Internet user's inattention and persuade the victim either to transfer money to the fraudsters directly or to provide all the data needed to make a transfer or withdraw cash from an ATM.
In recent months, criminals have also been calling unsuspecting people (usually at random phone numbers) and pretending to be employees of the bank’s security department. The fraudsters usually try to persuade the victim to provide confidential information (banking login details, credit card numbers, BLIK codes) or to install a remote smartphone control application. Frequent pretexts for the call are alleged “suspicious account activity” or even unsolicited transfers of funds that were allegedly blocked by fraudsters.
In addition, in recent months PKO BP has detected a wave of fake SMS messages and messages sent via instant messengers, including Messenger and WhatsApp. In these messages the criminals pretended to be customers of auction websites and urged people to click on a link, supposedly to receive a payment, that led to a specially crafted page asking for sensitive banking details.
How to protect yourself from fraud?
Criminals are thus relying on old and well-known methods of deception that are nevertheless still used very often. Despite the seemingly obvious fact that we are dealing with attempted fraud, many people are still taken in by spoofing or, more broadly, phishing. We have written many times about how to protect yourself against this type of fraud. Two of our guides are provided below:
Source: Gazeta

Ricardo is a renowned author and journalist, known for his exceptional writing on top-news stories. He currently works as a writer at the 247 News Agency, where he is known for his ability to deliver breaking news and insightful analysis on the most pressing issues of the day.