mBank warns against cybercriminals who send links leading to fake payment sites – for example PayU, DotPay or banking sites. The announcement added that fraudsters often attack sellers and buyers online – including on the OLX portal. “They pretend they need details to pay for the item, but they are really extorting data,” explains the bank.
“The pretext varies: extra payment for a parcel, overdue phone bill or information about vaccination. They ask for: PESEL number, mother’s maiden name, PIN for the mobile application, login and password for the banking website or payment card details. They use SMS messages. , e-mail, WhatsApp, Messenger and social media to send links to pages that look credible “- informs mBank in a release.
How scammers extort data – examples
He also advises his clients to pay “special attention to this” because “these may be fake sites” and “if you provide data there, you will disclose it to criminals”
The bank also showed an example of fake phishing sites:
“We also warn against fraudsters who call under the pretext of, for example, verification of a fake transaction, a blocked account, a special Police / CBA action or assistance in investing in cryptocurrencies” – we read in the release.
It added that fraudsters “will persuade you to provide personal data, payment card details, data necessary to use online banking and encourage the installation of additional software, such as AnyDesk or QuickSupport TeamViewer, which can remotely control a computer or smartphone.”
The bank explains that cybercriminals “take advantage of the weaknesses of telecommunications systems that allow them to impersonate any telephone number, such as a bank’s hotline, a hotline of various state institutions or business entities.”
“Be especially careful: do not install QuickSupport TeamViewer or AnyDesk”, appeals mBank. He adds that “no bank employee, police officer or investment advisor can demand the provision of these data and the installation of such software” – explains mBank. If someone does this, he adds, the fraudsters “will be given access to a bank account,” which could lead to the loss of money.
The message shows an example of a scammer’s conversation with the seller on OLX with a visible link with a fake domain:
Main photo source: Shutterstock