A trap for a Pole. At-risk PKO BP customers
PKO BP sent you an SMS? Beware, this is a nasty scam. Carelessness can cost you dearly.
Dangerous text messages are being sent to Poles again. Message looks like a reminder from PKO Bank Polski to reactivate the payment card. However, at first glance it is clear that the link in the message does not lead to the bank’s website (the domain belongs to an Italian hosting company).
After going to the address in the message, the victim will see a portal that closely resembles the iPKO electronic banking login page. There are fields for username, password and phone number. On the next page of the form, you are asked to provide your payment card details. If you go to this site, do not under any circumstances provide your information here!
The aim of this attack is to collect information about PKO BP Bank customers. The information you enter will end up in the hands of cybercriminals and may be used in subsequent attacks. Since payment card numbers are also collected, it is possible that money will disappear from victims’ accounts in the future.
Beware of a phishing campaign impersonating @PKOBP.
Fraudsters send fake SMS messages informing about the need to reactivate the card. The link in the message leads to a dangerous website where, apart from login details, fraudsters also extort… pic.twitter.com/DdyMWqxYNN
— CSIRT KNF (@CSIRT_KNF) February 12, 2024
When reporting on this attack, specialists from CSIRT KNF remind: always carefully check the address of the website where you are entering information. If a bank is involved, it is best to enter the website address manually. If you receive a similar SMS, call the bank’s hotline and make sure that any action is actually needed on your part.
It is worth sending this type of text messages to the number 8080 so that they will be dealt with by specialists from CERT Polska. This will help protect others.