CERT Polska registered 6484 Internet security incidents in 2019. This is a record number. From the content of the report, we can read that throughout 2019, the majority of submissions to CERT (as much as 54.2%) were phishing incidents. As part of a phishing operation, the fraudster impersonates another individual or institution in order to defraud the login data, credit card or infect someone's hardware with malware. The scam is carried out in many ways, including by phone, by impersonating bank employees and scamming customers' data.
However, the new generation of phishing is reaping the fruits mainly in social media. For example, the data is hijacked as part of an innocuous-looking authentication of the user's identity using a facebook profile. In order to access interesting and "exclusive" content, unconscious users confirm their identity through the facebook page, and fraudsters take over the data.
Stolen internet identity allows fraudsters to impersonate deceived internet users. Criminals send requests for urgent loans to the victim's friends by entering the blik code ("Na Blika" scams). It is also in fashion to impersonate a fast payment operator such as PayU or DotPay. Fraudsters use fake payment gateways in conjunction with emails or text messages informing them that a small fee should be paid. Behind the link there is often a form with the details of the account that an unconscious victim gives to the offenders.
Unfortunately, the progressive digitisation of subsequent spheres of life (especially in the era of the Covid-19 pandemic) favours phishing. Public institutions are trying to fight the phenomenon. However, nothing can replace common sense and the necessary minimum of vigilance.