Cybersecurity expert Branko Dzakula said such attacks often begin with a deceptive message, impersonating a trusted institution or individual.

“The goal is to trick the victim into revealing confidential information – login credentials, card numbers, one-time codes, personal data – or to make a payment or download a malicious file, believing they are communicating with a legitimate entity,” Dzakula said.

“Attackers frequently use email addresses and fake websites that look almost identical to real ones, copying logos and design elements of legitimate companies,” he told BIRN.

“The message typically urges the victim to click on an attached link or document. Once the victim ‘takes the bait’, clicks the link and enters their details on the fake site, the information goes straight to the scammer, who can then use it for financial gain or sell it on the black market.”

In October, dozens of people in Montenegro received an email signed by ‘Velisa Vujosevic’, supposedly a manager at Montenegrin Commercial Bank, CKB.

The email contained an attachment described as a payment document sent “at the customer’s request”.

It was a phishing campaign, CIRT warned in October, and urged recipients of the email not to open the attachment or click on any links. It was only the latest scam exploiting customer trust in CKB and other banks.

Similar phishing emails were sent in August, claiming to be from Assistant Police Director Aleksandar Radovic.

CIRT detected 788 phishing attacks last year, up from 672 in 2021. The most common schemes involve fake emails or messages in which fraudsters impersonate banks, government institutions, delivery services or online platforms.
