Attack on PKO BP bank customers

Fraudsters impersonate PKO Bank Polski. They send customers emails with alleged transaction confirmation. Cyber ​​criminals attach an attachment with malware to the message.

– Criminals send false confirmation of operations in which they impersonate PKO Bank Polski. E-mail pretends to be a notification from the transaction website, and the content and title suggest that the attachment confirms the transaction with iPKO. Opening the attachment causes malware installation – thanks to this, criminals have control over the victim’s computer – we read in a press release from the PKO BP press office.

—

Do not open or forward a fake message. If the e-mail attachment was opened or downloaded by the recipient, it most likely occurred on the device installing malware, warns the bank. As recently as last week, criminals attacked InPost customers using the same method of phishing.

PKO BP asks for urgent contact with the hotline persons who have received such or a similar message and clicked on the link. Bank customers can contact the institution using two phone numbers:

• 800 302 302 (for national numbers within the country),
• + 48 81 535 60 60 (for calls from abroad and from mobile phones).

After installing malware on your device, cyber criminals have victims full access to all saved items, among others contacts, login details for online banking or an SMS. Scammers who have the right information can “clear” bank accounts people who fell victim to them. We wrote more about identity theft and about what steps to take in the article “What to do if we fall victim to theft of personal data?”.

—

DF

Source: