PKO BP issues urgent warning: phishing sites target iPKO

PKO BP warns of a spike in phishing websites impersonating its iPKO business platform; entrepreneurs and finance officers are advised to take immediate precautions and report suspicious pages to the bank and authorities.

PKO BP has issued an urgent warning after detecting a sharp rise in phishing activity aimed at users of its iPKO business platform. The attacks use highly convincing fake websites that are difficult to distinguish from the official service, putting business account credentials at risk.

What happened

The country’s largest lender reported that cybercriminals are creating lookalike web pages and manipulating search results to direct entrepreneurs and company finance managers to fraudulent login pages. According to the alert, these sites are designed to harvest usernames, passwords and two-factor authentication codes — a fast route to unauthorized transfers or account takeover. The goal appears to be mass credential theft from small and medium enterprises that use the bank’s corporate online portal.

How the scams work

Attackers commonly deploy several techniques: registering visually similar domain names (typosquatting), using subdomains that hide the real host, and buying search ads so a fake page appears above the genuine site. They may also employ homograph attacks (replacing Latin letters with visually similar characters), phishing emails or SMS (so-called smishing) that point to the fake pages, and fake support numbers that coax users into revealing authentication codes. Even pages with a valid SSL padlock can be fraudulent — the padlock only means the connection to that server is encrypted, not that the server is legitimate.

Practical steps to protect your business

If your company uses iPKO business, take immediate precautions: always access the bank via a saved bookmark or the official mobile app rather than search results; check the URL carefully for misspellings or extra characters; never enter one-time codes or passwords on a page you reached from an unsolicited email or message; and enable the strongest available authentication (hardware tokens or app-based 2FA where offered). If you suspect compromise, contact your bank’s fraud team immediately, freeze affected accounts and report the incident to local police and to CERT Polska — Poland’s national incident response team.
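The lookalike-address tricks listed under "How the scams work", and the advice above to check the URL carefully, can be turned into an automated check. The sketch below is an added example, not code from the bank or from this article. It assumes a placeholder official domain (bank.example, since the article does not give the real one), a small constructed table of confusable letters, and a simplified "last two labels" rule for the registrable domain.

```python
from urllib.parse import urlsplit

# Assumption: placeholder for the bank's real domain, which the article does not give.
OFFICIAL_DOMAIN = "bank.example"
# Small constructed subset of Cyrillic letters that render like Latin ones.
CONFUSABLES = str.maketrans({"\u0430": "a", "\u0435": "e", "\u043e": "o",
                             "\u0440": "p", "\u0441": "c"})

def decode_label(label):
    """Turn an xn-- (punycode) label back into Unicode so it can be inspected."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed label: keep it as written
    return label

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def under_official(host):
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def classify(url):
    """Label the host of `url` relative to OFFICIAL_DOMAIN."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    host = ".".join(decode_label(part) for part in host.split("."))
    if under_official(host):
        return "official"
    if not host.isascii():
        # The official name is ASCII-only, so any non-ASCII host needs a second look.
        return "homograph" if under_official(host.translate(CONFUSABLES)) else "idn-review"
    if "." + OFFICIAL_DOMAIN + "." in "." + host + ".":
        return "subdomain-trick"  # real name is only a prefix of another host
    # Simplification: treat the last two labels as the registrable domain.
    registrable = ".".join(host.split(".")[-2:])
    if 0 < edit_distance(registrable, OFFICIAL_DOMAIN) <= 2:
        return "typosquat"
    return "unrelated"

if __name__ == "__main__":
    # Constructed sample URLs, one per technique.
    for u in ("https://login.bank.example/auth", "https://b\u0430nk.example/login",
              "https://bank.example.secure-login.test/", "https://login.bamk.example/"):
        print(classify(u), u)
```

A production filter would use the Public Suffix List for the registrable domain and the full Unicode confusables data in place of the five-letter table.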

💡 GOOD TO KNOW: PKO BP is Poland’s largest retail and commercial bank; iPKO business is its dedicated online banking platform for firms and entrepreneurs. For expats: bank correspondence in Poland is commonly in Polish, so insist on support in English if needed and keep a written record of any phone calls. If you encounter a suspicious website or message, report it to the bank’s official hotline (use the number from the back of your corporate card or the bank’s verified website), file a report with the local Policja (police), and notify CERT Polska so they can track wider campaigns. Bookmark the bank’s official login and consider using a corporate IT policy that blocks access to newly registered or untrusted domains.
