We will not show you personalized marketing and commercial offers.
By clicking the Accept button, you agree to save cookies that allow us to give you a more personalized marketing information on this device. If you want to define your own cookie settings and check the full content of the consent, click the Settings button.
If you wish to accept marketing cookies and receive tailored commercial information, please, click here.
Update your browser to the latest version in order to use all functions and increase your online safety.
From 15 May 2021, Millenet online banking system will not be available in this web browser, and some elements may not be displayed correctly on our website. Install another browser now and use Millenet safely and comfortably.
Your passwords for confirming operations will be now delivered from the sender named Millennium. Currently, from Millennium sender you receive for example, information about important documents waiting for you in Millenet or agreements to sign. Before entering the code from the SMS, always check if the name and amount of the transaction agree with the operation you are performing – if you see a different transaction name, do not enter the SMS P@ssword and contact us.
If you want, you can change the method of confirming transactions and instead of retyping passwords, confirm operations in the Bank Millennium mobile app.
We have received signals about false e-mails sent by scammers impersonating Bank Millennium. They inform about money transfer. To see the details and invoice you are asked to click on the image with link. In fact, it leads to website with malware in order to steal your data and get control over your device.
They impersonate DHL and send SMS messages informing about the necessity of additional payment for the shipment, e.g. due to customs duties.
There is a link in the SMS that directs you to the fake website of the courier company, from which you can download the "shipment tracking" application. In fact, it is malware allowing to steal money from your account.
do not click on links in emails or SMS as well as do not download unknown applications, available from a link nor any attachments to emails, especially if you are not sure about the sender or if the message raises any doubts
do not share login details with anyone (we never ask for MilleCode or P@ssword 1 by emails or SMS)
log in to Millenet only at Bank's website and before logging in check if yo see a closed padlock in the address bar
install anti-virus software on all devices used to log in to your bank account, remember to update it on regular basis
Fake Rossmann and Sephora ads have appeared on social network (e.g. Facebook, Instagram).
The scammers inform about free cosmetics available in special offer. To get them you are only asked to pay the shipping cost by giving your payment card credentials. Card details obtained in this way are used for transactions for larger amounts.
Remember a few rules when paying by card online:
before making a purchase, check if the offer is trustworthy and approach extremely bargain prices with more caution - look for opinions on the Internet on independent portals
verify information about promotions on the seller's official websites
do not provide your card details in unknown stores, do not send photos or a scan of your payment card to anyone - the data from the card can be used to make online transactions
when paying for the transaction, check the details and amount before confirming it with an SMS P@ssword or Mobile Authorization
install anti-virus software on all devices you log into the bank account and update them on a regular basis
Remember that you can restrict your card at any time in Millenet and in the mobile app or by calling +48 22 598 41 14 (fee according to the operator's price list).
If you notice any suspicious offers online, please let us know.
Bank has recently received new signals that scammers impersonate TeleMillennium helpline consultants, calling to inform you about suspicious activity on your account/payment card. They ask for personal data and can ask you to install the application, which enables remote control of the user's device.
do not download any fishy apps - Bank consultants never encourage you to download any applications for quick customer service etc.
do not share confidential data with anyone, e.g. PESEL number, your payment card number or CVV code - our helpline consultants never ask for such data
never share login details to your bank account - Bank consultant will never log in to the system for you
log in to your bank account only on Bank's website and while logging in keep in mind that the system never requires entering a full PESEL number or a full ID number - only two randomly selected characters.
Komenda Główna Policji i FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP ostrzegają przed próbami oszustw przy inwestowaniu w kryptowaluty oraz na rynku Forex.
Inwestycje w kryptowaluty, a także na rynku Forex co do zasady są legalne, ale oszuści wykorzystując fałszywe serwisy internetowe, podszywają się pod pośredników i oferują ułatwienia w inwestowaniu.
Przestępcy nakłaniają potencjalnych pokrzywdzonych do zainwestowania pieniędzy, obiecując wysokie i szybkie zyski bez ryzyka. Proponują pomoc przy inwestowaniu, dlatego zalecamy wysoką ostrożność przed podjęciem decyzji o przeznaczeniu pieniędzy na taki cel.
Wyłudzeń dokonują osoby, które podają się za tzw. „brokerów” inwestycyjnych – pracowników firm pośrednictwa i doradztwa inwestycyjnego. Firmy te reklamują swoje usługi w mediach społecznościowych, serwisach internetowych oraz aplikacjach mobilnych. Przyciągają uwagę i starają się uwiarygodnić swój przekaz za pomocą wizerunku:
„przeciętnego Kowalskiego”, który szybko zyskał dzięki współpracy z „pośrednikiem”,
powszechnie znanych i rozpoznawalnych osób (sportowców, polityków, aktorów, dziennikarzy, celebrytów) - bez ich wiedzy, zgody i na podstawie zmanipulowanego przekazu.
Oszuści kierują informacje do potencjalnych pokrzywdzonych i wskazują na możliwość osiągnięcia szybkich i wysokich zysków. Tego typu oferta jest nieprawdziwa i zazwyczaj kończy się utratą pieniędzy.
Nie ulegaj presji. Uważaj na pozornie atrakcyjne oferty. Nie działaj pochopnie, pod wpływem chwili i emocji. To może być oszustwo!!!
Jeśli przeczytasz artykuł czy post w mediach społecznościowych lub skontaktuje się z Tobą osoba, która proponuje:
szybki i wysoki zysk dzięki inwestycji w kryptowaluty lub na rynku Forex;
instalację aplikacji na telefonie lub komputerze, która ma posłużyć do zakupu kryptowaluty lub wykonania operacji na rynku Forex;
wsparcie w inwestycjach i obsłudze aplikacji przez „analityka”, którzy zadzwoni do Ciebie i udzieli pomocy,
zastanów się, zachowaj zdrowy rozsądek i ostrożność.
Komenda Główna Policji i FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP zalecają:
In the most frequently used fraud scenarios involving the phishing of payment card or login details, the main exposed persons were those making payments - buying goods on the Internet. Recently, however, we have observed a new type of abuse also directed against people who display goods on local buying and selling portals. Recently, scams of this type appeared on the OLX platform.
The fraudulent data is used by fraudsters to make online transactions from the card or add it to the fraudster's electronic wallet, which will allow him to perform further transactions from the account related to the card, also in stationary stores.
If you are a buyer, the criminals impersonate the OLX platform and encourage you to use the option with delivery or the surcharge for the parcel. They also use an external communicator for this. The scam message contains a link that redirects you to a fake payment card phishing website.
If you are selling goods, it might look like this:
You post an advertisement with the goods you want to sell.
A potential buyer comes to you and starts a conversation with you, usually using a popular messenger, and not directly through the page with the advertisement.
The buyer argues that he will make the payment for the goods and shipment by transfer to your payment card and for this purpose sends a link to the payment.
The link directs you to the page where you must provide payment card details (full card number, expiry date, authorization code) and confirm your willingness to receive payment by entering a password from an SMS.
Bank has recently received signals about false emails sent by scammers impersonating Bank Millennium. They inform about loyalty bonus, available after clicking on the link. The link leads to fake login page, where you are asked to enter MilleCode and P@ssword 1, and then your payment card details.
We inform that Bank sends no such messages or any links via email or SMS! Also, we never ask you to enter your payments card details while logging in your bank account.
Police informs about emails regarding alleged banking fraud. The message, allegedly signed by the Police Headquarters, is accompanied by an attachment with malware that infects or completely blocks the device.
They impersonate Bank Millennium and other well-known companies (popular VOD platforms, music services, courier companies, online stores) and send fake e-mails. For example, you can get information about your subscription expired on the streaming platform or about unusual activity on your account and the need to unblock it. Later, the scammer's pattern of operation is similar - they urge you to log into your account and provide your personal and payment card details, or download malicious applications.
It's an attempt to catch you in scammers' nets, who e.g. impersonate your bank.
What for? To make you pass your personal data, login or payment card details. As a result, your account or card will be accessed by unauthorized persons who can order transactions or impersonate you.
But how? The scammers send e-mails or SMS-s persuading to act immediately, such as:
'Your bank account has been blocked'
'Pay fee for your card'
'Your parcel has been withheld due to underpayment, settle the arrears'
'On ... the execution was initiated. Possibility of amicable repayment for PLN 8.44'
Do not click on links and do not download any applications unless you know the sender of the message.
You will never receive such a message from Bank Millennium, because we do not send any links in e-mails or SMS.
When you log in on the bank’s website, look at the address bar. Check if the website address is right, there are no typos or misspellings and if the connection is encrypted (icon with a closed padlock).
If something looks different than usual, please do not log in - we always inform about it when we change something on the login page.
On the login page, we always ask for only two randomly selected characters of the identifier - never enter the entire PESEL number or the entire document number.
Fake consultant, or vishing
How do you know that the person you are talking to on the phone is really who they say they are? This is obviously very difficult, and it is easy for fraudsters to gain our trust and obtain sensitive data.
How to defend yourself?
Don't share login details with anyone - only you should know them.
The bank consultant can ask you to provide MilleCode, but will never ask for your login password.
Malicious software, or malware
How does it work? You get an e-mail or an SMS with a link to download an app or 'very important' attachment. You click on it and this way you infect your computer, phone or tablet.
What for? This one click allows to install a malicious application or program on your device that can, for example, track your activity and download data, or take control of your device completely.
Keep in mind:
never click on unknown links
don't download attachments if you don't know what's in them or you don't know the sender of the message
do not install unchecked applications - preferably before installing an application, look for comments about it in the application store
How? You enter your card details in an unchecked store, or in response to fake e-mail, you give someone your plastic card or write your PIN on the card or a sticky note attached to the card.
What for? The fraudster needs your card details to make online transactions or tokenize the card, for example in Google Pay service. To pay in a stationary store the fraudster needs your card, and for larger payments also PIN.
How to defend yourself?
Never scan the card, do not pass on the data from the card to anyone
Pay with your card in trusted online stores
Carefully read the terms and conditions of internet subscriptions you accept (sometimes the first month is free, and the next one is charged a high fee)
Do not give your card or PIN to an unauthorized person (e.g. waiter in a restaurant or bar
Message from "a friend"
Your friend informs you via messenger app that he need money at once, he will return tomorrow and you only need to give him a BLIK code. Or he sends you link to the transfer (PayByLink).
What do you do? At first, everyone is probably willing to help their friend. Yet, be careful! This may be a fraud scheme. Before you help your friend, make sure It really is your friend - scammers could have get access to his account. The best you can do is to call him and ask if he really is in need.
Fake stores and ads
How does it work? Scammers publish fake ads and fake stores' websites. Very often they give "special offers" or even rewards to get your attention and persuade you to use their offer.
Don't get yourself "caught":
Before taking advantage of such a "great deal", try to verify that it is trustworthy.
You can search for comments on the Internet about a given company or a specific website.
If you have any doubts, do not order a payment or share your details.
Fraud on cryptocurrency exchanges
How? You come across an ad promoting easy ways to invest in cryptocurrencies:
"You don't need to know anything about investing"
"We guarantee quick profit"
"We will do everything on your behalf, only scan your payment card/ID and give us your login details/SMS P@ssword"
What for? To extort your personal details, login details to your bank account or payment card details, and above all, to persuade you to transfer your money. Unfortunately, when you want to withdraw your funds, contact with the "broker" is broken and the money transferred cannot be recovered.
How to defend yourself?
Check the credibility of the broker. Check online reviews, for example in conjunction with the words "fraud" or "scam". Don't stop at just one review page.
Transaction limits, i.e. the maximum amount you can order in a given operation or in total on a given day, will provide you with additional protection. You can easily adjust the limits to your needs in the settings in Millenet or in the mobile application.
In Millenet and in the mobile app, you can temporarily lock or restain a card that has been lost or stolen at any time. You do not have to wait for a call to the helpline or for the opening of a Bank branch.