In recent days, there has been a sharp increase in activity by cybercriminals impersonating major financial institutions in Poland and Spain, as well as popular entertainment platforms. Scammers are using fake emails and SMS messages to steal login credentials and payment card numbers. Experts warn against opening suspicious attachments from Bank Pekao and clicking on links regarding alleged account blocks on Netflix and Revolut services.
Attack on Bank Pekao Customers
Scammers are distributing emails with dangerous attachments, which are used to steal login credentials and infect users' computers.
Trap for Netflix Subscribers
False notifications about payment problems are used to steal payment card data from victims who hope to regain access.
Road Toll and Revolut Scams
SMS campaigns about alleged fines and attacks on Revolut users constitute a new, dynamically growing threat to personal finances.
Recently, a persistently high level of activity in disinformation and technical campaigns targeting users of electronic banking has been observed, which fits into an upward trend noted since the beginning of 2026. The main targets of attacks in Poland are customers of Bank Pekao S.A., who are receiving emails with dangerous attachments. Opening the file can lead to the installation of malware that takes control of the device. PKO BP has issued similar warnings, pointing to attempts to steal data through fake login panels. These institutions urge customers to ignore messages that demand immediate action under threat of blocked funds.
At the same time, internationally and particularly in Spain, security experts and financial institutions are warning of a wave of phishing attacks targeting customers of ING and Abanca banks. Criminals there use advanced social engineering techniques, reporting alleged unauthorized transactions in order to prompt the victim to quickly log in to a spoofed website. The growing number of scams in internet messengers, where criminals urge quick transfers or the sharing of authorization codes, is also a concern. These methods are becoming increasingly sophisticated, exploiting spelling errors in domain names, which is particularly visible in the campaign concerning false highway toll charges.
The first phishing attacks date back to the mid-1990s, when criminals stole passwords from AOL service users. Since then, these methods have evolved from simple text messages to technically advanced pages imitating banking systems.
Another significant threat is the use of the Netflix service's image. Users receive notifications about alleged subscription expiration or payment problems. Links contained in these messages lead to forms where victims voluntarily provide full details of their payment cards. Police emphasize that official services never ask for passwords or CVV codes via email.
The threat also concerns users of the Revolut application, who are increasingly falling victim to advanced social engineering scams and attempts to extort funds via internet messengers. Security experts point out that the most effective defense remains the principle of limited trust and verification of any suspicious message directly in the bank's official app.
"Exercise particular caution and do not click on links sent in messages that raise your doubts. Remember that a bank will never ask you for your login and password in this way." — Police Statement
In the corporate sector, the Business Email Compromise method, which involves impersonating management staff, is currently breaking popularity records. Employees receive orders to make urgent transfers, which, in the absence of verification procedures, leads to huge financial losses for companies.