More data shared with social media than banks

Financial fraud in Poland often exploits payer manipulation, with three-quarters of scams reported to banks involving the use of stolen login credentials and payment authentication information, according to Jarosław Biegański, Director of the Banking Security Department at the Polish Bank Association. This method allows criminals to access accounts and authorize fraudulent transactions.

“

three quarters of scams reported to bank are carried out using payer manipulation, i.e. using information sufficient to log into an account, as well as to authenticate a specific payment.

While investment-related scams are not as widespread in Poland compared to other European nations, fraud targeting electronic payments remains a concern. However, Biegański noted that the increasing adoption of electronic invoices is helping to reduce the scale of these particular types of fraud. The Central Bureau for Combating Cybercrime reported that overall, 36% of online fraudsters are detected, a figure that includes both minor platform scams and more serious offenses.

“

In Poland, according to the report, the combination of investment with scam is not as popular as in other European countries.

Adam Cieślak, former commander at the Central Bureau for Combating Cybercrime, highlighted the severe impact of certain, albeit less frequent, cyberattacks. He cited ransomware as a prime example, where attackers encrypt files and demand payment for their release. Cieślak recalled a 2022 incident where a regional government office fell victim to such an attack, disrupting the electronic document flow for hundreds of associated municipalities.

“

some of the attacks, although they occur sporadically, are very harmful.

Cieślak also commented on the effectiveness of banks in combating cyber threats, particularly Distributed Denial of Service (DDoS) attacks. He noted that while the Polish Financial Supervision Authority identified 800 such incidents recently, very few impacted the banking sector directly. Investment fraud detection rates are lower, at only 20%, even with specialized units investigating. Cieślak explained that criminals often operate internationally with sophisticated teams, making detection difficult, especially for large-scale operations like ransomware attacks potentially linked to state actors.

“

In Poland, as Cieślak recalled, in 2022, one of the regional marshal offices fell victim to such an attack, as a result of which hundreds of municipalities associated with electronic document circulation with this marshal office suffered.