publication
2025-08-12 06:00
Although several music festivals are behind us, the next few weeks will be marked by subsequent events. Cybercriminals, using the inattention and rush of buyers, deceive them on second -hand tickets. Classic fraud using brands of famous banks has also returned. Here are the most important scams from the last week.
A few large music festivals are behind us, but we still have a lot of holiday concerts ahead of us. Fraudsters targeted people who have not managed to buy tickets on time and are looking for second -hand tickets.
I am urgently selling a concert ticket!
NASK warns that impersonation under sellers and relying on emotions (low price or an extremely attractive place in the audience) are standard scammer games. Unfortunately, still effective. As a result, we lose money, and cyber criminals gain access to our personal data.
But just cheating on the ticket is not everything. Hackers create websites reminiscent of well -known sales portals or sites of events. Everything looks correct at first glance (of course, only the address does not agree). So the user chooses a ticket, makes payments and receives confirmation of purchase and e-mail with an attachment. Only during payments, few people pay attention, for which they actually make fees (e.g. it is a Blik payer from an ATM).
Do you want to activate the app? Put the card to your smartphone
There was also a fraud using well -known banking brands. In the last week, CSIRT KNF warned against attacks on clients using mobile banking Santander Bank Polska and PKO Bank Polski. In both cases, criminals sent links to a fake banking application. During its activation, the user was asked to apply the card to the phone to read the data from the proximity module (NFC).
“The dangerous application after starting is trying to persuade the victim to apply the payment card to the NFC interface on the phone, which may result in theft of funds. Do not be robbed and remember to collect the application only from official sources” – warn the analysts of CSIRT KNF.
Watch out for false communication tickets
NASK also drew attention to a fraud involving the sale of long -term public transport tickets – most often for symbolic amounts, e.g. PLN 10. “The offers are provided with logos ZTM, MZK or city coats of arms, which is to inspire trust. After clicking on the advertisement, the user goes to the false payment page, which imitates the official system. It is required to provide the payment card data. Effect? Neither the ticket or money – but access to the account goes to the hand of the fraudster.” – we read on the NASK website.
The classic returns – a fraud for an unsuitable package
Last week, there were also classic fraud using a courier method. CERT Poczta Polska warns that a phishing campaign has started at clients of Poczta Polska. Fraudsters send SMS messages to random phone numbers, informing about the allegedly unsolved parcel.
The content of the message contains a link leading to a crafted phishing page, which impersonates the official Pocztex service, courier services of Poczta Polska. The purpose of the attack is to extort the user's personal data. Links lead to domains on the Cert Polska list.
