TOP5 phishing scams. How to defend yourself? The Police and CERT have prepared a guide

Phishing is a fraudulent method of obtaining access to an account. Instead of trying to circumvent hard-to-break security measures, criminals pretend to be an institution or company we work with. Such scams are becoming more and more common.

Recent months have been record-breaking in terms of the number of observed fraud attempts by e-mail, SMS or messaging. This increase coincides with the coronavirus pandemic and the related reduction in personal contacts and the transfer of many daily activities to the internet.

– he informs.

Phishing. What are the most popular scams?

CERT Polska and the Police have prepared a joint list of the five most common phishing techniques. These are:

  • Scams on OLX,
  • Fake SMS messages,
  • Malware hidden behind acceptance of the regulations,
  • Flubot,
  • Facebook and fake articles.

Attacks on OLX are aimed at defrauding sellers. The scammers want to finalize transactions via, so they send a crafted page on which you can make a payment. The portal does provide payment services, but it does not ask for a card number or a bank login.

Fake SMS messages demand payment of some debts, usually small ones. However, the link sent in the message is fake and allows the scammers to obtain your login details. Such messages are also sent by e-mail.

Malware hidden behind acceptance of the regulations. “The senders impersonate the operators of Polish postal services – Onet, Interia, O2 and Wirtualna Polska. Depending on the variant of the fraud, the message contains information about the need to approve the new privacy policy or a notification that the account has been blocked due to violation of the regulations by In both cases, the victim is persuaded to go to the indicated website in order to remove the account blockade. If we open the website in a web browser on a computer, our device may be infected with a virus that steals confidential data,” explains the police.

Flubot is software that is smuggled onto Android devices by encouraging the installation of a fabricated courier or shopping application. The program gives criminals wide access to our phone. To avoid such situations, install applications only from the official Play store.

Hackers also attack Facebook. They use a stolen account and send its friends links to websites, including ones about the pandemic. Such crafted pages often require logging in, which gives fraudsters access to our data. Another popular form is a request to send -a for several hundred zlotys. Even messages sent by friends on Facebook must be verified.

You can find a full description of the methods of fraudsters prepared by CERT Polska and the Police

How to defend yourself?

CERT Polska and the police advise you to be cautious and attentive.

Each time, verify the name of the website on which you enter sensitive data, or the domain name from which an important e-mail message was received. Any mistake, even a small typo, could indicate a scam. It is also very important to use a unique and appropriately complex password on each website (in particular for e-mail accounts, which can be used to reset passwords on other websites). Password managers are helpful in this regard. Any suspicions should be verified by contacting the alleged sender through a channel other than the one through which the message was received.

CERT Polska also refers to the guide on the most important principles of safe use of e-mail and social media, available at

In addition, since March 2020, CERT Polska, together with telecommunications operators, has been publishing a list of warnings against dangerous internet addresses. According to the assumptions, the list of warnings includes Internet domains that have the primary goal of misleading Internet users. The operators undertook, inter alia, to block access to websites using the names of internet domains published on the warning list, as well as to provide NASK with information about such websites.
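The two checks described above, verifying the domain name for small typos and consulting a warning list of domains, can be combined in a few lines of Python. This is an added example, not code from CERT Polska, the Police or the article: the list entries are constructed placeholders, the trusted domains are an assumption, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample data: placeholder warning-list entries and assumed trusted domains.
WARNING_LIST = {"olx-platnosc.example", "fb-logowanie.example"}
TRUSTED = {"olx.pl", "facebook.com", "onet.pl"}


def hostname(url):
    """Host the browser would really contact: lower-cased, no port or userinfo."""
    host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    return host.rstrip(".")


def parents(host):
    """a.b.c -> ['a.b.c', 'b.c', 'c'], so subdomains of a listed domain match."""
    labels = host.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[-1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, matched_domain) for the host in url."""
    host = hostname(url)
    if not host:
        return ("invalid", None)
    doms = parents(host)
    # The warning list is checked before the trusted set, over all parent domains.
    for listed, verdict in ((WARNING_LIST, "warning-list"), (TRUSTED, "trusted")):
        for p in doms:
            if p in listed:
                return (verdict, p)
    for t in sorted(TRUSTED):
        # Trusted name used as leading labels of a different domain.
        if f".{t}." in f".{host}.":
            return ("lookalike", t)
        # Near-miss spelling; shorter names get a tighter threshold.
        limit = 1 if len(t) < 10 else 2
        if any(0 < edit_distance(p, t) <= limit for p in doms):
            return ("lookalike", t)
    return ("unknown", None)
```

A verdict of "unknown" means only that neither check fired; text placed before an `@` in a link is not the host, so such a link is judged by the domain that follows it.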

In 2020, as many as 58 percent of the domains on the CERT Polska warning list were associated with fake Facebook login panels. This year, CERT has observed a continuous increase in malicious domains using the image of the OLX platform; in 2020 it registered 570 such incidents. For comparison, a year earlier there were only five of them.

In 2021, they account for almost 30 percent of the domains included on the warning list of dangerous domains.

Source: Gazeta
