Do you have an account at Santander Bank? Watch that text

Cheaters do not halt trying to extort data from unconscious electronic banking users. In the latest phishing campaign, Santander Bank Polska customers became the mark of the attacks. Fake SMS messages that impersonate the bank include links to fake websites where users may lose their individual data and payment card information. This is another effort by cyber criminals to extort login data into bank accounts.

What's the attack look like?

The phishing attack begins with a text message that appears to originate from Santander Bank Polska. Message content suggests that the user must ‘verify the account to avoid blocking it’, which is to make a sense of urgency and fear of losing access to the account. The message contains a link to the fake page that imitates the bank website.

Cyber criminals make certain the message looks as credible as possible. They usage different telephone numbers, including those with the Polish code +48, which can besides confuse the recipient. Unfortunately, even if the look of the news is convincing, customers may announcement subtle errors specified as typos or different characters in content that should rise suspicions. In many cases, scammers usage these characters to bypass automatic SMS filters utilized by mobile operators.

What are the dangers of clicking the link?

Clicking on the link in the message moves the user to a website that is like the log-in page to the Santander Bank Polska website. The website may ask for login data, card number or another delicate information. In fact, this data is straight transmitted to cyber criminals, which may lead to:

1. Personal data theft – cheaters can usage the data obtained for false transactions or for establishing accounts in the victim's name.
2. Stealing funds from your account – erstwhile you have access to electronic banking, criminals can rapidly get money out of the account.
3. Account charges with unauthorized transactions – card data can be utilized to charge the account in various online transactions.

How do you admit a false text?

Phishing SMS messages can be very convincing, but there are respective key elements that can aid you admit them:

• Urgent request for action – messages that put force on time and endanger the blocking of the account are suspicious.
• Language errors and different characters – typos, characters from abroad alphabets or incorrect characters may indicate false messages.
• Custom URL – if the link leads to a website that differs from the authoritative domain of the bank, it is simply a clear sign of fraud.

Santander Bank Polska, as well as another banks, never asks for individual data, logins or passwords in SMS messages. All specified requests should rise suspicion.

What if you receive a suspicious message?

1. Do not click on links – if you receive a suspicious text, do not click any links. Instead, check the bank's authoritative website or contact its hotline.
2. Report message to CERT Poland – You can study suspicious text messages to the CERT Polska squad that analyses specified threats. simply send the message content to the number 8080.
3. Contact the bank – if you have any doubts about the authenticity of the messages, contact Santander Bank Polska straight to verify the information.

What are the Cyberspace defence Army doing?

The Polish Cyberspace defence Army has late called for caution over the expanding number of phishing campaigns. They cooperate with the CERT Polska team, which analyses false news reports on an ongoing basis. In order to rise public awareness, they call for the caution and education of users not to fall victim to cyber criminals.

Today, phishing is becoming increasingly common, and cyber criminals are becoming more sophisticated. It is crucial to be careful and suspicious of any SMS, email or telephone call that requests individual data or login data. Regular checking and updating of safety on the phone, as well as the inclusion of additional authentication methods (e.g. two-component) in electronic banking, can importantly reduce the hazard of attack.

Do not be fooled – always verify messages and study suspicious content to the applicable services. This allows you to defend your data and finances from threats.