You have received an email from a trusted entity
If you have found a message with a link in your inbox from a well-known company, bank or office, please be advised to carefully analyse the sender’s email address; be sure to verify the actual email address, not just the sender’s name field. Criminals often happen to overwrite this field with the correct address of the bank, and a suspicious, actual address appears next to it, which we often do not pay attention to. Also, keep in mind verifying the content of the email itself before clicking on the link. Try to search for the sender’s address using a search engine (for example, Yahoo, as Google does not have the capacity to find email addresses). If the content of the email raises your suspicions, for instance it contains linguistic errors (then it can be assumed that it was prepared with the use of a translator) or simply looks unprofessional (“broken” email footer or lack thereof), then it is highly probable that someone impersonates the sender. Sometimes it happens, however, that the content of the email does not raise any doubts – after all, criminals learn too.
Important note: if something raises your suspicions, you must immediately contact the sender by phone (using the number provided on the website of the organisation, not in the footer of the message received!).
You have received an email with a link from a trusted entity
In particular, it is a must to not click on the links in the emails that direct you to the bank’s website where you log in to electronic banking. If you need to make a transfer, and you do not have a saved site or history, just search for e.g. “pko bp login”. The correct site should be in the first or second search result.
Once you have entered the website, it is worthwhile to click on the padlock next to the address to make sure who the certificate is issued to. It must be issued for a specific organisation, so the address should include the full name of our bank.
You have received an email with an attachment from a trusted entity
The attachment must be scanned before opening. Sometimes it happens that attachments to incoming and outgoing messages are automatically scanned for viruses, as is the case with Gmail. You can also use software that automatically scans email attachments, such as Windows Defender.
Social media
Recently, the Office of Competition and Consumer Protection has prepared a simulation of a social networking site, which shows various types of attacks, including purchase fraud or extorting the BLIK code: https://konsument.edu.pl/login. Anyone can publish on social media, therefore never trust thoughtlessly promoted content, especially when someone offers you to earn 3,000 dollars a day without leaving home. Is the offer to buy an iPhone from an unknown store tempting too much? Check this store using the advice at https://www.legalniewsieci.pl/aktualnosci/wiarygodny-czy-falszywy-czyli-jak-sprawdzic-sklep-internetowy.
Risky websites
These include gambling sites, torrenting sites, pornographic sites, or those in disguise as streaming sites. The risk that you install malicious software on your computer after clicking on the advertising banner is much higher than in the case of a “boring” website of a local weekly magazine. Please be reminded that you can also find entertainment on the Internet using safe, trusted sites.