Watch out for e-mails with PKO BP. One click and you can lose your account

PKO Bank Polski warns against false e-mails with the topic “confirmation of the transfer”. Clicking the link threatens to lose money.

PKO Bank Polski alert its clients with a ongoing wave of phishing attacks. Fraudsters impersonate the bank and send emails that resemble official correspondence with IPKO. The topic of the message usually is “confirmation of the transfer” or a request for data verification.

Cyber attack

Cybercriminals use the crafted address of the sender and place in the content a link leading to the false page of login. The site has been designed to look like a real PKO BP website. The customer who provides his login details there exposes to their theft, and then to the loss of funds from the account.

The danger is also associated with attachments attached to the message. Their opening results in the installation of malware that can capture logins, passwords, and even record the contents of the computer or record the pressed keys. As a result, cyber criminals can gain access not only to online banking, but also to other services requiring login.

News from the bank

The bank reminds that authentic messages from PKO BP never contain links or attachments that require customer interaction. In official communication, the institution also does not ask for re -providing login data. It is worth maintaining alert and before logging in to IPKO always check that the address of the page starts with the correct domain of the bank.

Experts also warn that false links may appear in search results as advertising. Therefore, even when using the search engine, the site’s address should be thoroughly verified.

PKO BP calls not to click in links and download attachments if you receive a suspicious email. It’s best to delete the message immediately. If the customer has already had contact with the false page, he should immediately contact the bank and change his passwords.

Phishing attacks are more frequent and their effects can be serious. Therefore, customers should be guided by the principle of limited trust – any unexpected request for confirmation of data can be an attempt to fraud.