Poland is grappling with an unprecedented wave of cyberattacks targeting customers of the largest banks, taxpayers filing e-PIT returns, and the elderly. Scammers are using advanced social engineering techniques, impersonating state institutions, streaming platforms, and well-known financial brands. Only in recent days, Polish citizens have lost millions of zlotys as a result of telephone manipulations and malicious links.
Threat with e-PIT
Scammers exploit the tax filing period to extort access data through fake government websites.
New Vishing Methods
Criminals impersonate bank helplines, persuading victims to transfer money to supposed technical accounts.
Explosion of Fraud on Telegram
In 2025, the number of financial abuses on this platform increased by a record 233 percent.
With the start of the tax filing season, cybercriminals have intensified their activities targeting users of the Twój e-PIT system. The fraud mechanism is based on sending fake messages suggesting the need for an additional payment or urgent data verification, which in reality leads to devices being infected with malware. In parallel, PKO BP and Pekao S.A. banks have issued critical warnings about phishing campaigns. Criminals are using the image of these institutions, distributing infected attachments and links to fake login panels, which are used to take over access to bank accounts. Concerning trends are also observed in the area of communication platforms. According to the latest reports, Telegram has become the fastest-growing channel used for financial fraud, recording a 233% increase year-on-year. Nevertheless, Facebook remains the main place for initiating phishing attacks and shopping scams. Scammers adapt their methods to current consumer needs, offering, among other things, cheap solid fuel (e.g., eco-pea coal) or concert tickets that do not actually exist. The concept of phishing was born in the mid-1990s, and the first mass attacks were aimed at users of the AOL service. Since then, the method has evolved from simple emails to technologically advanced campaigns using artificial intelligence and deepfake techniques. Another dangerous phenomenon is vishing, which particularly affects the elderly. In one recorded case, a senior woman lost over PLN 200,000 after a conversation with a supposed bank consultant. „Mieszkańcy stracili ponad 350 tys. zł w wyniku działania oszustów - uważajmy” (Residents have lost over PLN 350,000 as a result of scammers' actions - let's be careful) — Police The police in Lower Silesia have initiated the "Senior na 6 z plusem" (Senior with a 6+) program in response, aimed at education in digital security. Additionally, authorities are warning about a new version of the "Netflix scam," where fake payment problem notifications are used to steal payment card data.