Gawkowski warns: Fraudsters are taking advantage of the confusion surrounding e-PIT and KSeF

During the period of tax settlements and implementation of the National e-Invoice System, cybercriminal groups impersonate the Ministry of Finance and the National Tax Administration – warns the government representative for cybersecurity, Krzysztof Gawkowski, in a statement on Wednesday.

The plenipotentiary's announcement pointed to intensified social engineering attacks targeting Polish citizens and entrepreneurs. It was clarified that these were phishing attacks; cybercriminals try to steal login details, among others: to the Trusted Profile, using the tax settlement period.

Gawkowski noted that fraudsters send fake e-mails and text messages. They inform about alleged notifications from the National Audit Office and encourage people to click on a link leading to a fake login page to the Trusted Profile. The goal is to capture user credentials.

The representative calls on people to exercise particular caution and verify the sources of the information they receive. It recommends, among others: checking the sender's address, entering the institution's website addresses yourself and contacting the institution in case of doubts.

If you receive a suspicious message, especially if the user clicked on the link and provided data, you should report the incident to the CSIRT NASK team – via the online form or the “Safely on the Internet” service in the mObywatel application. Suspicious text messages can also be sent to the free number 8080. If a crime is suspected, it is recommended to report the matter to the police or the prosecutor's office.

The representative also reminds about the basic principles of cybersecurity, such as using two-factor authentication, updating software, installing applications only from verified sources and limiting payment limits. It is also recommended to reserve your PESEL number. (PAP)

pif/mmu/