Do you have a PKO BP account? KNF has issued an urgent alert. Scammers are draining Poles' accounts

dailyblitz.de 10 hours ago

The Computer Security Incident Response Team of the Financial Supervision Commission (CSIRT KNF) has issued an urgent warning to millions of Poles. Customers of the largest bank in the country, PKO Bank Polski, have been targeted by cybercriminals. Scammers are running a mass phishing campaign, sending fake SMS messages aimed at stealing online banking login data and, consequently, draining savings accounts. The scale and sophistication of the attack are such that even careful users may fall victim to it. Experts warn that this is one of the most dangerous campaigns aimed at customers of Polish banks in recent years.

How does the new scam work? Attack mechanics step by step

The cybercriminals' strategy is carefully planned and based on social engineering. The goal is to create a sense of danger and push the victim into taking immediate, unconsidered action. The whole process takes place in several stages.

It all starts with a text message that resembles an official message from PKO Bank Polski. The scammers tell the recipient about an alleged urgent need to update personal data. To increase the pressure, the text contains a threat: failure to respond is said to result in permanent blocking of access to the iPKO service. The message aims to bypass a rational assessment of the situation and get the recipient to click the attached link.

A key element of the fraud is a fake link that leads to a website controlled by the criminals. This campaign uses the Spotprem.cloudaccess.host domain with additional paths to make the address look credible. After clicking, the victim lands on a page that is visually an almost perfect copy of the iPKO transaction service. The criminals took care of every detail, from colours and logos to the layout of the login form. An unaware user, convinced they are on the bank's real website, enters their login and password. This data is immediately intercepted by the fraudsters, giving them full access to the victim's bank account and the possibility of immediate theft of funds.

Official position of PKO BP. The bank never asks.

Faced with the growing threat, PKO Bank Polski has taken a clear position. Bank representatives categorically stress that the institution never sends SMS messages asking its customers to update their data or provide any confidential information. Most importantly, the bank never places links leading straight to login pages in SMS communication.

In accordance with PKO BP's security policy, any important account messages requiring customer action are transmitted only through secure internal channels. These include messages in the iPKO electronic banking system or official postal correspondence. This rule is fundamental and should be treated as the main criterion for judging whether a communication is authentic.

Any text message that contains a link to an alleged bank service and a request to log in or provide data should immediately be considered a fraud attempt. The bank regularly conducts educational campaigns, reminding customers of the basic principles of cybersecurity and making them aware of specific threats.

How do you defend yourself against phishing? Key security rules

Protection against phishing relies on vigilance and on applying several simple but highly effective rules. Following them significantly reduces the risk of becoming a victim of cybercriminals. Here are the most important ones:

  • Never click on SMS links. If you get a message asking you to log in to the bank, ignore it. To access your account, always type the bank's website address (ipko.pl) manually in your browser or use the official IKO mobile application.
  • Check the site's address carefully. Before entering any data, make sure the address in the browser bar is correct and preceded by a closed padlock symbol, meaning an encrypted connection (HTTPS). Fake pages often have addresses with typos or are hosted on different domains, as in this case cloudaccess.host.
  • Don't give in to time pressure. The scammers deliberately create a sense of urgency and danger (“Your account will be blocked!”, “Required immediate verification!”). Real financial institutions never use such methods. Any message that causes panic should raise a red flag.
  • Enable two-factor authentication (2FA). This is an additional layer of security that requires login confirmation, e.g. by a code sent by SMS or by a mobile application. Even if criminals get your password, without the second factor they will not be able to log into your account.
  • If in doubt, contact the bank. If any message raises your suspicions, don't risk it. Call the official bank hotline or go to the nearest branch to verify the authenticity of the message.
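
The address check from the rules above, as an added example that is not part of the original article: it pulls links out of an SMS body and tests whether the host the browser would contact is really ipko.pl. The function names, the sample message and its path are constructed for illustration; only the ipko.pl and cloudaccess.host domains come from the article.

```python
import re
from urllib.parse import urlsplit

# Assumption: ipko.pl is the only legitimate login domain (the one the article names).
TRUSTED_DOMAINS = {"ipko.pl"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def link_host(url):
    """Host the browser would really contact, or "" if the URL is malformed."""
    try:
        # .hostname drops any "user@" prefix and port and lower-cases the name,
        # so "https://ipko.pl@other.example/" is judged by other.example.
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return ""

def is_bank_host(url):
    """True only for an HTTPS URL whose host is ipko.pl or a subdomain of it."""
    if not url.lower().startswith("https://"):
        return False
    host = link_host(url)
    # Exact match or a dot-separated suffix; a bare substring test would
    # accept look-alikes such as ipko.pl.cloudaccess.host.
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def review_sms(text):
    """Return [(host, reasons)] for every link found in an SMS body."""
    findings = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;:!?)")
        # Per the bank's stated rule, any link in such an SMS is already suspect.
        reasons = ["link in SMS"]
        if not is_bank_host(url):
            reasons.append("host is not ipko.pl")
        findings.append((link_host(url), reasons))
    return findings

# Constructed sample message; the path is invented for illustration.
SAMPLE_SMS = ("PKO BP: Your account will be blocked! Update your data: "
              "https://spotprem.cloudaccess.host/ipko/login")

if __name__ == "__main__":
    for host, reasons in review_sms(SAMPLE_SMS):
        print(host, "->", "; ".join(reasons))
```

The same suffix test applies when reading the browser's address bar by eye: what matters is the end of the host name, not whether "ipko" appears somewhere in the address.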

What if you suspect fraud? Reporting is your contribution to security

If you have received a suspicious message or realized that you might have been a victim of fraud, fast action is crucial. Your reaction may not only save your funds, but also help protect other users.

Any phishing attempt should be reported immediately to the relevant institutions. In Poland, the main bodies analysing such threats are CSIRT KNF and CERT Polska. Reporting a suspicious text message is easy: just send it to the number 799 448 084. An incident may also be reported through forms on the websites of these institutions.

Providing information about a new scam campaign allows analysts to act quickly, for example by blocking malicious websites and issuing public warnings. Remember that reporting incidents is not only about protecting your own interests, but also about doing your part as an important element in building a collective cybersecurity system.

In the face of the ongoing attack, be particularly vigilant. Your knowledge and caution are the most effective weapons in the fight against cybercriminals.
