-
Scammers send fake texts about overdue bill for electricity
-
The scammers impersonate PGE (Polska Grupa Energetyczna) or other providers and inform that you are in arrears with the payment and you are at risk of power cut. Be careful and don't click on the link in the SMS.
If you have any doubts, if the message is true, please contact your electricity provider. Always search for the current contact number on the provider's website.
Tell us about anything suspicious by calling the dedicated helpline: +48 22 598 44 44 (fees in accordance with the operator's price list) or via e-mail: kontakt@bankmillennium.pl.
-
Helping Ukraine? Use verified collections
-
As a gesture of solidarity with the war-stricken Ukrainians, we have waived our fees for foreign transfers to Ukraine. We want to help, but at the same time we ask you to be vigilant.
When others join forces to help, scammers waste no time and take advantage of our good intentions.
Therefore, before you transfer money, check the account numbers and credibility of the collections you are supporting with your donations.
- Before you donate, check the official website of the organization to see if it runs a collection. Compare the information and account numbers.
- If you make transfers to private recipients - send money to those you really know, do not copy account numbers from social media.
- Use verified payment methods and avoid those you don't know.
- Don't give others information about fundraising that you can't verify.
- Don't fall for phone calls from purported uniformed services that "extort" you to donate money.
- Don't click on links in e-mails and text messages.
- Don't give out your account or e-mail passwords or payment card details to anyone or enter them on unverified websites.
- Only log into your bank account on our website or through our mobile app.
- Update the operating system and anti-virus software on the devices you use.
If you suspect an attempted crime or if you have been defrauded in this way, inform us and report it to the police.
-
Check the sender name for the SMS P@sswords
-
Your passwords for confirming operations will be now delivered from the sender named Millennium. Currently, from Millennium sender you receive for example, information about important documents waiting for you in Millenet or agreements to sign. Before entering the code from the SMS, always check if the name and amount of the transaction agree with the operation you are performing – if you see a different transaction name, do not enter the SMS P@ssword and contact us.
If you want, you can change the method of confirming transactions and instead of retyping passwords, confirm operations in the Bank Millennium mobile app.
Find out more about Mobile Authorization
-
Fake ads on social network
-
Recently, fake ads impersonating Bank Millennium's offer and informing about cash prizes for loyal clients have appeared on social network. To get the prize, you are asked to give your MilleCode.
-
How to defend yourself?
-
Remember these rules to use online banking system safely:
- do not give your MilleCode and login details to anyone
- do not log in to your account on websites other than Bank Millennium's websites
- do not enter the entire PESEL / ID card / passport number and telephone number when logging in (only 2 randomly selected identifier digits are required when logging in)
- do not enter payment card details while logging in - we never ask for it
- read carefully each SMS that you receive from us - check the operation you are confirming (the amount, type and number of the transaction), mind the language of the message
If anything raises your doubts, please let us know. You can call us on the special telephone line: 22 598 44 44 (for landline and mobile phones; fees according to the operator's price list).
-
Watch out for false e-mails from 'bank'
-
-
How do scammers operate?
-
We have received signals about false e-mails sent by scammers impersonating Bank Millennium. They inform about money transfer. To see the details and invoice you are asked to click on the image with link. In fact, it leads to website with malware in order to steal your data and get control over your device.
We never send any links via e-mail or SMS!
Messages with transfer confirmations are sent only when you request it and they are sent only from the address: powiadomienia@bankmillennium.pl
-
Notice
-
- The sender - false e-mail was not send from bank address, but foreign domain.
- In e-mails with transfer confirmation we never link to details or attach any documents.
- We do not send invoices issued by other companies.
-
How to act
-
- Do not click on links in emails or SMS nor download any unknown applications or attachments , especially if you are not sure about the sender.
- Install anti-virus software on all devices used to log in to your bank account and update it on regular basis.
- Avoid logging in to your bank account on someone else's computers or phones.
- If your device has been infected, we recommend that you reinstall the operating system.
-
Fake SMS from delivery company - don't click on links
-
-
How do scammers operate?
-
They impersonate DHL and send SMS messages informing about the necessity of additional payment for the shipment, e.g. due to customs duties.
There is a link in the SMS that directs you to the fake website of the courier company, from which you can download the "shipment tracking" application. In fact, it is malware allowing to steal money from your account.
-
How to defend yourself?
-
- do not click on links in emails or SMS as well as do not download unknown applications, available from a link nor any attachments to emails, especially if you are not sure about the sender or if the message raises any doubts
- do not share login details with anyone (we never ask for MilleCode or P@ssword 1 by emails or SMS)
- log in to Millenet only at Bank's website and before logging in check if yo see a closed padlock in the address bar
- install anti-virus software on all devices used to log in to your bank account, remember to update it on regular basis
If you have any doubts, please let us know.
-
Fake ads of well known brands on social network
-
Fake Rossmann and Sephora ads have appeared on social network (e.g. Facebook, Instagram).
The scammers inform about free cosmetics available in special offer. To get them you are only asked to pay the shipping cost by giving your payment card credentials. Card details obtained in this way are used for transactions for larger amounts.
Remember a few rules when paying by card online:
- before making a purchase, check if the offer is trustworthy and approach extremely bargain prices with more caution - look for opinions on the Internet on independent portals
- verify information about promotions on the seller's official websites
- do not provide your card details in unknown stores, do not send photos or a scan of your payment card to anyone - the data from the card can be used to make online transactions
- when paying for the transaction, check the details and amount before confirming it with an SMS P@ssword or Mobile Authorization
- install anti-virus software on all devices you log into the bank account and update them on a regular basis
Remember that you can restrict your card at any time in Millenet and in the mobile app or by calling +48 22 598 41 14 (fee according to the operator's price list).
If you notice any suspicious offers online, please let us know.
-
Watch out for false emails from the Bank
-
-
How do scammers operate?
-
Fraudsters send e-mails informing about disabled account or payment card.
Bank Millennium sends no such messages or any links via email or SMS!
Also, we never ask to enter payment card details (number, validation date, CVV2/CVC2 code) to unlock it nor we ask to make a money transfer to unlock the account.
If you receive such a message, please let us know.
-
How to defend yourself?
-
- do not click on links in emails or SMS, especially if you are not sure about the sender
- do not download unknown applications, available from a link nor any attachments to emails, if you don't know the sender or the message raises any doubts
- do not share login details with anyone (we never ask for MilleCode or P@ssword 1 by emails or SMS)
- log in to Millenet only at Bank's website and before logging in check if you see a closed padlock in the address bar
- when logging in to Millenet, do not enter full PESEL or an ID number, we ask only for the 2 randomly selected characters
- when logging in, never enter your payment card details
- install anti-virus software on all devices used to log in to your bank account, remember to update it on regular basis
-
Scammers impersonate Bank Millennium employees
-
-
How do scammers operate?
-
Bank has recently received new signals that scammers impersonate TeleMillennium helpline consultants, calling to inform you about suspicious activity on your account/payment card. They ask for personal data and can ask you to install the application, which enables remote control of the user's device.
-
How to defend yourself?
-
- do not download any fishy apps - Bank consultants never encourage you to download any applications for quick customer service etc.
- do not share confidential data with anyone, e.g. PESEL number, your payment card number or CVV code - our helpline consultants never ask for such data
- never share login details to your bank account - Bank consultant will never log in to the system for you
- log in to your bank account only on Bank's website and while logging in keep in mind that the system never requires entering a full PESEL number or a full ID number - only two randomly selected characters.
-
Beware of fraudulent websites that offer cryptocurrencies and Forex investments. Press release of 24 March (in Polish)
-
Komunikat z dnia 24.03.2021
Komenda Główna Policji i FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP ostrzegają przed próbami oszustw przy inwestowaniu w kryptowaluty oraz na rynku Forex.
Inwestycje w kryptowaluty, a także na rynku Forex co do zasady są legalne, ale oszuści wykorzystując fałszywe serwisy internetowe, podszywają się pod pośredników i oferują ułatwienia w inwestowaniu.
Przestępcy nakłaniają potencjalnych pokrzywdzonych do zainwestowania pieniędzy, obiecując wysokie i szybkie zyski bez ryzyka. Proponują pomoc przy inwestowaniu, dlatego zalecamy wysoką ostrożność przed podjęciem decyzji o przeznaczeniu pieniędzy na taki cel.
Wyłudzeń dokonują osoby, które podają się za tzw. „brokerów” inwestycyjnych – pracowników firm pośrednictwa i doradztwa inwestycyjnego. Firmy te reklamują swoje usługi w mediach społecznościowych, serwisach internetowych oraz aplikacjach mobilnych. Przyciągają uwagę i starają się uwiarygodnić swój przekaz za pomocą wizerunku:
- „przeciętnego Kowalskiego”, który szybko zyskał dzięki współpracy z „pośrednikiem”,
- powszechnie znanych i rozpoznawalnych osób (sportowców, polityków, aktorów, dziennikarzy, celebrytów) - bez ich wiedzy, zgody i na podstawie zmanipulowanego przekazu.
Oszuści kierują informacje do potencjalnych pokrzywdzonych i wskazują na możliwość osiągnięcia szybkich i wysokich zysków. Tego typu oferta jest nieprawdziwa i zazwyczaj kończy się utratą pieniędzy.
Nie ulegaj presji. Uważaj na pozornie atrakcyjne oferty. Nie działaj pochopnie, pod wpływem chwili i emocji. To może być oszustwo!!!
Jeśli przeczytasz artykuł czy post w mediach społecznościowych lub skontaktuje się z Tobą osoba, która proponuje:
- szybki i wysoki zysk dzięki inwestycji w kryptowaluty lub na rynku Forex;
- instalację aplikacji na telefonie lub komputerze, która ma posłużyć do zakupu kryptowaluty lub wykonania operacji na rynku Forex;
- wsparcie w inwestycjach i obsłudze aplikacji przez „analityka”, którzy zadzwoni do Ciebie i udzieli pomocy,
zastanów się, zachowaj zdrowy rozsądek i ostrożność.
Komenda Główna Policji i FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP zalecają:
- Zapoznaj się z informacjami KNF i NBP, które dotyczą inwestowania w kryptowaluty – link: https://uwazajnakryptowaluty.pl/;
- Sprawdź wiarygodność podmiotu. Zweryfikuj opinie w Internecie, np. w połączeniu ze słowem „oszustwo” lub „scam”. Nie poprzestawaj na jednej stronie z opiniami;
- Sprawdź, czy instytucja – „broker” znajduje się na liście ostrzeżeń KNF – link: https://www.knf.gov.pl/dla_konsumenta/ostrzezenia_publiczne;
- Nie udostępniaj nikomu danych do logowania w bankowości elektronicznej i mobilnej;
- Nie udostępniaj nikomu danych poufnych dotyczących Twoich kart płatniczych;
- Nie przesyłaj nikomu skanów swojego dowodu osobistego;
- Nie instaluj dodatkowego oprogramowania, na urządzeniach z których logujesz się do bankowości elektronicznej;
- Jeśli otrzymasz przelew od nieznanego nadawcy, pod żadnym pozorem nie przekazuj środków dalej, nawet jeśli „Twój doradca” o to prosi – nieświadomie możesz brać udział w przestępstwie.
Jeżeli podejrzewasz, że jesteś ofiarą oszustwa skontaktuj się ze swoim bankiem oraz złóż stosowne zawiadomienie na Policji.
Komenda Główna Policji
FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP
-
Beware of scammers promoting investment in cryptocurrencies
-
-
How do they operate?
-
Fraudsters impersonate 'investment brokers', promising easy and quick profit. In fact, they want to get access to your personal data and money.
-
When become suspicious?
-
Be careful, especially when:
- you are asked to send a photo of your ID card or payment card
- the broker urges you to install additional software or provide bank login details
- the adviser wants to carry out transactions on your behalf
-
Before you start investing
-
Check if the company is registered in the EU and that there are no warnings on the Internet about its business. You can do it on KNF website >
-
Scammers on sales platforms
-
In the most frequently used fraud scenarios involving the phishing of payment card or login details, the main exposed persons were those making payments - buying goods on the Internet. Recently, however, we have observed a new type of abuse also directed against people who display goods on local buying and selling portals. Recently, scams of this type appeared on the OLX platform.
The fraudulent data is used by fraudsters to make online transactions from the card or add it to the fraudster's electronic wallet, which will allow him to perform further transactions from the account related to the card, also in stationary stores.
-
How to defend yourself?
-
Please be cautious and pay special attention to:
- any communication outside the sales website - the scammers contact mainly via external communicators
- links directing to the sales offer, delivery order or payment - double-check the address of the page to which the link transferred you
- linguistic errors, typos or other inaccuracies on the website - if something raises your doubts, do not provide your personal data and payment card details under any circumstances
If anything raises your doubts, please let us know. You can call us on the special telephone line: 22 598 44 44 (for landline and mobile phones; fees according to the operator's price list).
-
How do scammers operate?
-
If you are a buyer, the criminals impersonate the OLX platform and encourage you to use the option with delivery or the surcharge for the parcel. They also use an external communicator for this. The scam message contains a link that redirects you to a fake payment card phishing website.
If you are selling goods, it might look like this:
- You post an advertisement with the goods you want to sell.
- A potential buyer comes to you and starts a conversation with you, usually using a popular messenger, and not directly through the page with the advertisement.
- The buyer argues that he will make the payment for the goods and shipment by transfer to your payment card and for this purpose sends a link to the payment.
- The link directs you to the page where you must provide payment card details (full card number, expiry date, authorization code) and confirm your willingness to receive payment by entering a password from an SMS.
-
Watch out for false emails about loyalty bonus
-
-
How do scammers operate?
-
Bank has recently received signals about false emails sent by scammers impersonating Bank Millennium. They inform about loyalty bonus, available after clicking on the link. The link leads to fake login page, where you are asked to enter MilleCode and P@ssword 1, and then your payment card details.
We inform that Bank sends no such messages or any links via email or SMS! Also, we never ask you to enter your payments card details while logging in your bank account.
-
How to defend yourself?
-
- Do not click on links in emails or SMS, especially if you are not sure about the sender or where the link will lead you
- Log in to Millenet only at Bank's website and before logging in check if the connection is encrypted (closed padlock in the bar with the address)
- When logging in to Millenet, enter only the 2 randomly selected characters of the PESEL number or a document - we never ask for more characters!
- when logging in, never enter your payment card details.
-
Scammers impersonate Police
-
-
Learn about scam scheme
-
Police informs about emails regarding alleged banking fraud. The message, allegedly signed by the Police Headquarters, is accompanied by an attachment with malware that infects or completely blocks the device.
Read the police information >
-
How to defend yourself?
-
- do not click on links in emails or SMS, especially if you are not sure about the sender or where the link will lead you
- do not download unknown applications, available from a link
- do not download any attachments to emails, if you don't know the sender or the form of the message raises any doubts
- if your computer has been blocked - under no circumstances pay scammers to unlock it, but change access to your bank account and report a crime
-
New frauds on social media
-
-
When to be careful?
-
Please, pay particular attention to:
- messages on social network and communicators, e.g. message from the fraudster impersonating your friend and asking for a BLIK code to make an urgent payment
- ads on social networks pretending to be Bank Millennium's offer and informing about cash rewards
-
How to avoid the fraud?
-
Always double-check the sender and the content of the received message and do not click on unknown links or do not install any applications from such links.
Additionally, we would like to remind you that the Bank never sends you an e-mail or SMS with links and never asks you to provide confidential data in this way.
-
The scammers impersonate Bank Millennium and other well-known brands
-
-
How do they operate?
-
They impersonate Bank Millennium and other well-known companies (popular VOD platforms, music services, courier companies, online stores) and send fake e-mails. For example, you can get information about your subscription expired on the streaming platform or about unusual activity on your account and the need to unblock it. Later, the scammer's pattern of operation is similar - they urge you to log into your account and provide your personal and payment card details, or download malicious applications.
-
What to keep in mind?
-
- Always double-check the sender of the message
- Do not click on unknown links and do not install any applications from such messages - we never send login links in e-mails and text messages
- If you want to visit the Bank's website, do not use external links, it is safer to enter the address manually in the browser
- Never log into your bank account on websites other than the Bank's website
- Do not provide confidential data (login details, card details, document numbers, etc.) if you do not know the sender or the form of the message raises your doubts
- Always carefully check the content of the message from the Bank confirming the transaction