News

/ Taxes and Law in Poland

Beware of fraudulent emails about tax refunds and PIT corrections in Poland

Beware of fraudulent emails about tax refunds and PIT corrections in Poland

/
Date25 Mar 2025
/

The tax settlement period in Poland is a time of increased activity for cybercriminals. Scammers are using increasingly sophisticated methods to steal personal and banking data by impersonating the National Revenue Administration (Krajowa Administracja Skarbowa – KAS) and the Ministry of Finance (Ministerstwo Finansów – MF).


Most common scam methods

  1. Fake emails and SMS messages
  2. Fraudsters send messages claiming that the taxpayer is entitled to a refund or needs to correct their PIT-17 form. They attempt to lure recipients into clicking suspicious links or opening malicious attachments.

  3. Phishing and fake websites
  4. Links in these messages lead to counterfeit websites that closely resemble official government portals. The goal is to steal login credentials or install malware.

  5. Impersonating tax authorities
  6. Scammers use email addresses that appear official but are actually fake, such as:
    prawdziwy_kas@gov.mof.pko360.pl
    krajowaadministracjaskarbowa-kas@gov.mof.pekao.pl

  7. Fraudulent phone calls
  8. Criminals call taxpayers, pretending to be tax office officials, and try to obtain personal details, PESEL numbers, bank account information, or login credentials for tax-related systems.


How do you protect yourself from fraud?

  1. Verify the sender – official institutions in Poland use email addresses with the gov.pl domain.
  2. Avoid clicking suspicious links or attachments in emails or SMS messages.
  3. Use only official government websites – Access Poland’s e-Tax Office (e-Urząd Skarbowy) exclusively through the Ministry of Finance’s official website: www.podatki.gov.pl.
  4. Never share sensitive information over the phone such as your PESEL number, banking details, or login credentials.
  5. Update security software and use strong passwords for your accounts.

What to do if you encounter a scam attempt?

Do not respond to suspicious messages or click on any links.
Report the incident to CERT Polska via their website: www.cert.pl.


As cyberattacks become more frequent, staying cautious when handling financial and tax-related messages is crucial. Scammers are continuously refining their techniques to impersonate government institutions and banks. Being aware of potential threats and verifying information sources are fundamental steps in protecting your personal data and financial security.

If you have any questions regarding this topic or if you are in need for any additional information – please do not hesitate to contact us:

Ask a question »

CUSTOMER RELATIONSHIPS DEPARTMENT

ELŻBIETA<br/>NARON - GROCHALSKA

ELŻBIETA
NARON-GROCHALSKA

Head of Customer Relationships
Department / Senior Manager
getsix® Group
pl en de

***

This publication is non-binding information and serves for general information purposes. The information provided does not constitute legal, tax or management advice and does not replace individual advice. Despite careful processing, all information in this publication is provided without any guarantee for the accuracy, up-to-date nature or completeness of the information. The information in this publication is not suitable as the sole basis for action and cannot replace actual advice in individual cases. The liability of the authors or getsix® are excluded. We kindly ask you to contact us directly for a binding consultation if required. The content of this publication iis the intellectual property of getsix® or its partner companies and is protected by copyright. Users of this information may download, print and copy the contents of the publication exclusively for their own purposes.

Our Recommendations

Our Memberships

Our Certification

Wojskowe Centrum Normalizacji Jakości I KodyfikacjiTÜV NORDTÜV RHEINLAND

Our Partnerships

Competencies