Phishing: "access to your account iPKO has been blocked!"

A few of our readers report that yesterday evening were victims of phishing – this time "on the iPKO". While today in the morning come to us very disturbing information. It turns out that the scale of this phenomenon very quickly gaining strength. Some people receive some of these messages, and the other after a few decades. For mailboxes real unlucky ones, such as. Daniel (thanks for the info) are dosłowanie filled with spam-over 100 messages from yesterday.

In this case, phishers can and tried to correct polszczyznę, but the message is so poorly constructed that it's hard to pick up on this scam. Original content:

For the sake of the safety of our customers, we have blocked the account iPKO, the reason is unauthorized access to your account.

In order to regain access, please verify the account owner, by logging on to: hyperlink to a fake site hxxp://

Best regards,

A Team Of Polish PKO Bank

If you have any questions, please contact Hotline 801 307 307

This email has been automatically generated. Please do not reply to it. Universal Savings Bank Polish joint stock company with its registered office in Warsaw at ul. Puławska 15, 02-515 Warszawa, registered in the District Court for Warsaw in Warsaw, XIII economic Division of national court register under KRS 0000026438; NIP: 525-000-77-38 REGON: 016298263; share capital (paid-up) 1 250 000 000 $.

If the victim unaware of a false message clicks on the hyperlink, you will be redirected to the ' straw man ' and very reminiscent of the real Bank website, the differences are subtle and, as usual, are stuck in the details:

The procedure for the acquisition of confidential access data user is standard in such cases. The victim in the framework of the "verify" your account is invited to enter his login/ID/customer number and password. Then redirect to another page,

where is invited to give three disposable codes. And it's enough to make in the near future closer to the unidentified person who came into possession of the login, password and one-time code signed in to the account of the victim and performed the transfer money to other, substituted account.

In such cases, you should keep in mind, żebank never asks you to verify your account or provide any data via email or SMS. What's more-interesting fact-in the near future the bank iPKO disables the ability to remember the login information for your account in Web browsers-up fear to think that there are such people.

Sample phishing detection by Webroot BroghtCloud

Comment of the representative of the Bank in our article:

Of course, PKO Bank Polish is not the author of these emails, they are distributed randomly by people pretending to be a Bank.

This kind of fake pages are always at the request of the Bank blocked-already we have taken the appropriate steps. We respond immediately to any signal about shipping fake emails and each case is reported to the law enforcement and international certs, which deal with the fight against cases of breaches of computer security, as also prevention of this type of fraud in the future.

Customers be warned in transactional sites on the pages of the Bank and in correspondence. We also share the educational, social media and publishing.

We remind you that the bank will never request any data feed via email or SMS. Please exercise caution and limited confidence in relation to emails or text messages, which is asked to provide sensitive data or using the link. Be warned that these are fake messages aimed at not only stealing from the customer personal data or data cards, but also install on their computer or on the phone potentially harmful programs spying on and tracking its action.

Please do not reply to such emails, do not use the link and do not share your personal information, your login and password to your account, disposable codes, as well as data on the payment card-PIN, CVV code. These details are for the exclusive client message.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.