A Polish Member of Parliament was scammed by cybercriminals who posed as police officers, resulting in a loss of PLN 150,000.
The situation began when the fraudsters contacted the MP’s office, claiming there was a “matter of national importance.” A fake police officer, introducing himself as “Inspector Boroń” (the real name of Marek Boroń, Chief of Police), informed the MP of an alleged hacking attack targeting parliamentarians and compromising access to their bank accounts. The fraudster recommended immediate action and instructed the MP to transfer funds to a “technical account.”
At the MP’s request, his wife made ten bank transfers, liquidated deposits, and activated a credit card overdraft. In total, the MP and his wife transferred PLN 150,000 to the scammers, including funds from the Chancellery of the Sejm meant for operating the parliamentary office. They also provided the fraudsters with photos of their ID cards.
The case was first reported by Gazeta Wyborcza.
Expert Comments on the Incident
Kamil Sadkowski, an analyst from the ESET antivirus lab, remarked:
“Cybercriminals are constantly refining their methods, creating new schemes while also relying on proven techniques. Scams involving impersonation of bank employees, police officers, or institution representatives remain effective. In this case, the fraud was particularly aggressive, exploiting the authority of a high-ranking police officer known to the victim. The MP’s vigilance was weakened by the emotional pressure, leading to a series of hasty actions.”
The so-called “police officer scams” have previously been noted by the Central Bureau for Combating Cybercrime this year, albeit in a different form. In one instance, fake messages purportedly signed by Police Chief Marek Boroń included a PDF document accusing the recipient of involvement in pornographic crimes.
Sadkowski emphasized:
“This incident should serve as a warning to everyone. It illustrates how a single phone call can trigger a cascade of events. Cybercriminals often call from unknown numbers to weaken the recipient’s vigilance by playing on their emotions. They might claim that a loan attempt was made on your account or offer a time-sensitive investment opportunity. In each case, they push the target to take immediate action. Stay alert.”
Advice from Paweł Jurek, DAGMA IT Security
Paweł Jurek from DAGMA IT Security highlighted:
“This incident demonstrates how easily cybercriminals can exploit just a phone number and some information about their target to initiate a chain of events. While scams targeting individuals or small businesses may involve smaller amounts, the damage can still be severe. How can we protect ourselves?”
- Beware of phishing attempts – scams where fraudsters pose as state institutions, police, banks, or family members.
- Never share account login details, BLIK codes, or make transfers at the request of someone calling you, even if they claim to be a bank representative or police officer.
- Verify independently – hang up and contact the institution via a separate, official channel, not the one suggested by the caller.
- Don’t click on links or download attachments without verifying their authenticity.
- Manually enter website addresses in your browser rather than clicking on emailed or texted links.
- Remember – legitimate institutions never ask for passwords, login details, or card numbers via email, SMS, or phone calls.
Source: ManagerPlus
