Scam on mObywatela. A new way to extort money

Digital fraudsters are not idle. Thieves invent new ways to deprive us of personal data, logins, passwords and money. The repertoire of criminals is wide, and their methods of operation can surprise even experienced security experts. Internet thieves impersonate ministry officials, inspectors of the Central Statistical Office, the National Labor Inspectorate, the president of the Patent Office, and the National Bank of Poland.

CERT warns against fraudsters. They impersonate the mObywatel application

Every time thieves come up with new ways to rob us. It’s the same this time. Fraudsters impersonate the popular mObywatel application. The new practice was revealed by Iwona Prószyńska from the CERT Polska Team operating within the structures of the NASK National Research Institute.

A cybercrime expert talked about the details of how criminals operate online. They use a proven scheme known from other campaigns, including: “for electricity”, “unpaid shipment”, “message from the bank” or “tax refund”. They send text messages whose sender is allegedly a mobile application published by the Chancellery of the Prime Minister.

Scammers send links to fake websites

At first glance, everything looks like an ordinary text message, but this is only an appearance. However, the content contains a link to a fake Play Store page. After installing the software, they gain the ability to steal personal data, as well as logins and passwords to banking websites.

“Usually, clicking on a link does not have any negative consequences for us, but we end up on a website prepared especially for us by criminals. This is also the case with the fake mObywatel application. We are to log in using our electronic banking login details“– said Iwona Prószyńska on Polish Radio.

“If we enter our electronic banking login details on a fake website, our account is open to criminals. We can expect the account to be depleted of money or fraudsters to take out a loan using our personal data,” she noted.

Scam on the mObywatel application. Thieves count on the naivety of recipients

When sending fake messages to thousands of people, digital thieves count on their naivety, haste, trust in digital formalities or the gullibility with which we send money every day without checking the recipients. Most victims explain that they did not have time to check where the message was sent from.

Experts advise that after receiving such a message, you should always carefully check the domain name, i.e. the address of the sender’s website. In their opinion, such a simple action will help us avoid problems and protect the money in the account. CERT also warns us against other methods used by fraudsters. “Beware of false requests for a quick transfer”, “Beware of fake online stores”, “Beware of fake investments online” – he informs on his website, exposing numerous frauds.