Poles’ wallets are being drained again. Pekao customers must be especially careful
Scammers have taken their creativity to a new level. They’ve made the bank address bar they’re impersonating look real. We know how to check it so you don’t get fooled.
Fraudsters are not sleeping. On the contrary, they are competing in ideas on how to persuade Poles to provide them with e-banking passwords. Now they have come up with something clever, to such an extent that some Internet users may fall for it. Criminals are impersonating Bank Pekao.
What is the trick? The scammers seem to be a bit more clever and decided to “plant” a real address to confuse their victim.
Almost like Pekao
The scam starts on Facebook and encourages you to click on an advert for a good deal. Who among us wouldn’t be interested in an extra 5% on a deposit from a reputable bank?
On the surface, everything looks as it should. The logo, the colors, the address on the bar. The latter is just a backing, because in reality it leads to a completely different domain than the bank’s. The only thing that doesn’t work here is the name “Mobile App” as the account name. After clicking, we are redirected to a domain created by fraudsters, which begins with hxxps://. But it’s easy to be fooled, also because when clicking via Facebook, we only see a fragment of the address. The fraudsters also made sure that the clicker has as few doubts as possible – after clicking the address, the following image appears on the screen:
No wonder we are almost certain that we are visiting a real bank website. The address bar even has a mythical padlock. But it turns out that it is not an address, but merely a static graphic. That is the trick. The only place where we can enter something is at the bottom of the graphic. There we are asked to provide a customer number, password and other data that will allow the fraudsters to take control of our account.
How to avoid this scam?
Checking the address in the bar requires a different approach. It’s not enough to just look at it, you have to try clicking on it and see if it’s just a static dummy.
See: ATM Didn’t Dispense Cash? Here’s What You Can Do
See: PKO BP customers receive a strange notification. You are not allowed to do this