“Pro forma invoice” or “Payment” is the most common title for messages sent by criminals impersonating a notary or sales office accompanied by dangerous attachments.
Attempting to open the alleged invoice may end up infecting your computer. In that case the malicious software will try to take over the client ID and password – the victim after the data will see the prepared website, suggesting waiting for the login, and then a message informing the activation of mbackank free moneyback service, which must be confirmed by SMS.
In fact, at that time criminals have already logged in to the account and added a “trusted recipient” for the transfers. Of course, to confirm this change in your account, you need an SMS code that is sent to the customer’s phone.
As you can see on the screenshot attached by mBank, the victim may be misled by a properly displayed page address and a “green padlock” and prefix, suggesting an encrypted connection.
It is therefore worth remembering that mBank never requires entering SMS passwords when logging into a transaction service to confirm activation of financial services or transactions.