Floods in Poland: How Scammers Exploit Crises to Target Vulnerable Victims
Central Europe was recently struck by severe flooding, which, unfortunately, triggered a surge of scam attempts.
In Poland, fraudsters took advantage of the crisis, exploiting the heightened need for emergency relief. How did these scammers operate, and what actions can banks take to protect their customers?
Recently, Polish media issued warnings about scammers exploiting the devastation caused by the floods to perpetrate fraud. For people in flood-affected areas, the risks extend beyond property loss, as they also face potential financial losses due to cyber scams. This threat extends to those who want to help as well, making it crucial for both victims and supporters to be vigilant against fraudulent schemes.
Scams targeting Polish flood victims
Fraudsters are exploiting the crisis in multiple ways to turn a profit. One common tactic involves using compromised social media accounts to lure victims with sensational headlines. “(…) They prepare a flashy headline with a photo, for example, of a child or animal in danger. The post includes a link, which users are asked to click on and log in by providing their sensitive information. Entering such details on a fraudulent site leads to the theft of our login credentials,” explained the Central Bureau for Combating Cybercrime (CBZC) to PolskieRadio.pl.
The CBZC has identified over 150 fundraising campaigns potentially linked to criminal activity targeting disaster relief efforts. In these cases, if someone trusted the fundraiser and clicked on the link, they were redirected to a fraudulent website that misused the branding of a legitimate foundation. The site included a form prompting users to enter their payment card information, enabling scammers to capture sensitive financial details.
Crisis: A scammer’s best friend
Scammers taking advantage of crises is hardly a new phenomenon, and it’s not limited to Poland. For instance, in the neighboring Czech Republic, scammers are posing as insurance companies and sending text messages to people in flood-affected areas. These messages promise “insurance payouts” but are designed to lure recipients into providing sensitive information—usually their online banking credentials.
Crises create ideal conditions for scammers, who exploit these situations for several reasons. Here are the four primary factors that make crises such attractive opportunities for fraudulent activity:
1. Heightened vulnerability
People in the affected areas are under immense pressure, often losing their usual caution in their desperation for assistance. Similarly, those eager to help can easily overlook warning signs, as their focus is on providing support quickly. Overwhelmed by emotion, they may fail to scrutinize the legitimacy of sources requesting financial aid.
2. Urgency and limited timeframes
Crises generate a sense of urgency, prompting people to make quick decisions. Fraudsters take advantage of this by pressuring potential donors with messages of immediate need, making it more difficult for individuals to pause and verify the legitimacy of these appeals.
3. Increased online activity and information overload
During crises, people flock online to seek updates, connect, and offer aid. Scammers exploit this high engagement on social media, crowdfunding platforms, and through fake donation links, allowing them to reach a broad audience quickly. Furthermore, the overwhelming flood of information makes it easier for scammers to blend fraudulent websites, emails, and social media posts with legitimate sources, reducing the chances of detection.
4. Impersonation
Scammers often impersonate trusted organizations or government entities to solicit donations, knowing people are inclined to trust these institutions during a crisis. By mimicking well-known names, scammers make their appeals seem credible, increasing the likelihood that potential victims will respond without questioning the legitimacy of the request or offer.
Additionally, the large number of people affected and the widespread wave of solidarity give scammers a broad base of potential victims. This wide-reaching impact has led scammers to exploit recent crises, including the Ukraine war, the earthquake in Morocco, or Hurricane Milton.
Learn how scams operate
Fraud landscape in Poland
The recent flood crisis highlights the growing risk of online fraud facing Polish citizens. Fraud in Poland has expanded significantly: according to data from the Global Anti-Scam Alliance (GASA) and ScamAdviser, a staggering 26,535 cases of fraud were reported in 2022, marking a massive 182% increase. In 2021 alone, total losses from online fraud in reached €9.75 million.
Each year, approximately 7.2 million people in Poland fall victim to cybercrime, yet many cases go unreported; only about 7% of all scams are ever reported. According to March 2023 data from Statista, one in five Poles (21%) has encountered an online scam.
The most common types of scams in Poland include phishing, delivery scams, and investment scams. In 2022, there were over 25,600 unique phishing incidents in Poland. Cybercriminals often exploit the reputation of Polish banks to increase the credibility of phishing campaigns. According to the Polish Financial Supervision Authority’s (KNF ) monthly “Overview of Selected Scams“, banks frequently targeted in phishing schemes include BNP Paribas, Millennium Bank, Nest Bank, ING Bank, and Bank Pekao, among others. As of September 2024, the primary methods for distributing fake websites impersonating banks were SMS and emails.
Investment scams typically involve cybercriminals impersonating well-known individuals or institutions to entice victims into investing money with promises of high returns, ultimately leading to significant financial losses. As with other scams, criminals often rely on the credibility of established brands; in September 2024, for example, they impersonated Bank Pekao, the National Bank of Poland, and the Polish Financial Supervision Authority to lend legitimacy to their schemes.
Fraudsters are also demonstrating growing sophistication in their efforts to extract the maximum possible funds from victims. According to KNF, the recurring tactic involves a second stage to the initial investment scam. In this phase, criminals circulate information about a supposed opportunity to recover previously lost funds. In reality, this is simply another attempt to deceive individuals who have already fallen victim to the original scheme.
How to prevent scams that exploit crises
Scammers exploiting crises pose a threat not only to bank customers’ funds but also to the reputation of financial institutions. The misuse of a bank’s brand by scammers can severely damage the institution’s image—especially in scams that prey on victims’ emotional vulnerability and heightened stress from disasters. For those already struggling with the impact of a crisis, the added harm of falling victim to fraud is the last thing they need.
It is therefore essential for banks to have robust measures in place to protect their customers from these types of fraud. Behavioral intelligence from ThreatMark can play a significant role in this regard.
ThreatMark’s Cyber Fraud Fusion Center, a key component of the Behavioral Intelligence Platform, actively searches for current cyber threats such as fraud, phishing, and malware. By gathering tactical, operational, and strategic intelligence that signals compromises, data exposure, or other vulnerabilities, ThreatMark can swiftly neutralize threats (e.g., shutting down phishing sites) during times of elevated risk, such as floods or other crises. This proactive approach helps protect both financial institutions and their customers.
Stopping fraud when it matters most
Behavioral Intelligence Platform also protects bank customers from scams and authorized push payment (APP) fraud, which are among the biggest threats during crises, when fraudsters increasingly rely on social engineering and exploit the emotional vulnerability of victims and well-meaning donors. By leveraging advanced machine learning and AI technology, the Platform detects unusual changes in a user’s behavior, transactions, or device, effectively uncovering fraud—all in real time and without disrupting the customer experience.
Last but not least, behavioral intelligence is an effective tool for distinguishing fraudulent users from legitimate customers. By collecting intelligence on attackers’ infrastructure, devices, tools, locations, payment methods, and affiliated attack vendors, ThreatMark’s Behavioral Intelligence Platform can effectively disrupt fraud operations at their source—protecting banks and their customers not from floods themselves (alas), but indeed from floods of fraud.
Explore the Behavioral Intelligence Platform
Related Articles
-
November 13, 2024
Imposter Fraud: Trends, Tactics, and Effective Mitigation
Impersonation (or imposter) scams are some of the most common and effective tactics used by scammers.
In these schemes,...
-
October 23, 2024
Scam-Proofing the Future with Behavioral Intelligence: A Whitepaper
As scammers continue to innovate, the need for effective scam-proofing has never been more critical.
From impersonation and romance...
-
October 1, 2024
Purchase Scams: When The Love Of A Good Bargain Comes With A Higher Price Tag
Becky Holmes is an acclaimed author known for her witty and insightful take on the world of online...