CSIRT (Computer Security Incident Response Team) – the Computer Security Incident Response Team of the Polish financial sector summarized the first quarter of 2021 in the field of security on the Polish market.

In the first quarter of 2021, CSIRT reported to block 969 unsafe domains. The team noted the following cyber crooks’ practices:

1. Impersonating well-known advertising portals. The criminals contacted sellers mostly via Whatsapp, sending a referral link to collect the alleged payment. Of course, the payment was not made. In return, the crooked passed their card details to the scammers.
2. Impersonating an investment website. Fake sites imitated well-known companies like Pfizer and even state institutions like the National Bank of Poland to encourage fake investment – most often in cryptocurrencies.
3. Surcharge for a parcel and an attempt to deliver it again. Fraudsters sent text messages to random victims, hoping that some of them were actually waiting for the parcel and would pay for it.
4. New malware – FluBot. The virus is installed on the victim’s phone and forwards dangerous messages using the contact list of the infected phone.
5. Impersonating the police. Fraudsters sent text messages demanding payment for the fine under the threat of transferring the debt to the public bailiff. The links in the messages were phoney and using them resulted in the account being wiped.
6. ProteGo Safe. New practice related to the Covid-19 pandemic. Impersonating the application resulted in overlays on banking applications and aggregation of all entered data straight to the fraudsters.
7. Impersonating the Ministry of Finance. The attack consisted in imitating the Ministry’s websites in order to create the impression that providing the payment card details would help in obtaining the subsidy compensating the period of Covid-19 pandemic.

The report shows interesting trends related to cyber fraud that all participants of the Polish financial services market, including providers and users, must take into account. Although many methods are repeated in the statistics, the current realities favor new ideas of cyber crooks. Keep this in mind and be vigilant.