Since 25.08 It will not be possible to log in to Millenet from the version of the browser you are now using. Update the browser on your device and use online banking in a comfortable and secure way.
From 15 May 2021, Millenet online banking system will not be available in this web browser, and some elements may not be displayed correctly on our website. Install another browser now and use Millenet safely and comfortably.
Need assistance?
From 15 May 2021, Millenet online banking system will not be available in this web browser, and some elements may not be displayed correctly on our website. Update or change it now.
Need assistance?
(for landline and mobile phones, fees according to the operator's price list)
Bank Millennium S.A. uses cookies to make navigating our website easier for you and show you content tailored to your needs.
Cookies help us understand how you use the website and how we can improve it to better suit your needs.
We will not show you personalized marketing and commercial offers.
By clicking AGREE button, you agree to save cookies that allow us to show you personalised advertisments of our products and services. We can combine this data with any other data we have about you. You can find more information on this website: Data protection - Bank Millennium.
You can withdraw your consent at any time on this page: Policy regarding cookie files - Bank Millennium or in your internet browser settings. It means that from the moment you withdraw your consent, we will no longer save any cookies. Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of the consent before its withdrawal. For more information on the types of cookies, how they work, how to delete them and how to change your settings, please visit our page Policy regarding cookie files - Bank Millennium.
If you wish to accept marketing cookies and receive tailored commercial information, please, click here.
Accept
Akceptuję
Refuse
Nie akceptuję
Setting
Ustawienia
Back
powrót
/en/data-protection/osobiste2/Retail/Login/MulticodeRequest
Beware of criminals who impersonate bank employees, investment brokers, customer service staff or even police officers. Be vigilant when someone on the phone asks you for personal details, passwords or offers to install an unknown app.
1) You get a call from someone claiming to work for a bank and saying, for example, that someone tried to log into your account or wanted to take out a loan using your details.
2) They persuade you to install a customer service application (e.g. TeamViewer, QuickSupport, AnyDesk), which actually allows them to control your device remotely.
3) They may also ask for your login details, full card details or BLIK code, and persuade you to make transfers or BLIK transactions.
Be careful! In such a situation, don't give out any personal details, don't install any apps and don't perform transactions at the caller's command. Hang up and call the official number of the company or institution concerned, provided on the official website.
Our employee on the phone can send you your details in the mobile app.
Keep in mind! You will only receive a notification confirming your details in the banking app. Bank employees do not send links or business cards via chats, messengers or SMS messages.
You can also easily confirm your identity in the app without giving your details over the phone. During the call, our employee will send you a notification in the banking app. Read it carefully and confirm it. You do not need to provide any personal information in this situation.
Keep in mind! Our employee never asks you for your password or PIN!
Fraudsters are taking advantage of our emotions and eagerness to help those affected by the floods. It is more and more common now to come across a fake message that is not aimed at supporting, but at phishing for your money or data.
Fake fundraisers. Support only organisations that you know. You can also use a ready-made charity transfer in your app. You can find it in the bottom menu under Payments > Transfers. Information on legitimate collections is posted on the website of the Public Collections Portal of the Ministry of the Interior and Administration.
Fake RCB alerts with links. Don't click on the links. Real alerts do not contain them.
Social media posts. Watch out for posts with drastic messages about the floods. Often their purpose is not only to create chaos, but also to phish for data. If, when you click, you are asked to enter your login details, don't do it - the scammer is trying to take over your profile in this way.
Scammers trying to get into your computer have a new way of doing it. This time they use the CAPTCHA mechanism - a short test that is used on some websites to confirm that the user is not a robot.
A correct CAPTCHA requires, for example, entering some letters or indicating certain objects in a picture.
The criminals have adapted this scheme, but they provide on-screen steps for the user to follow. These steps are altered compared to the standard CAPTCHA. If you follow the instructions and click the sequence, you open access to your device to the hacker. Your computer will download and install the malware.
First of all, be vigilant! The legitimate CAPTCHA can take many forms, but it will never require you to use the WIN (Windows button) + R key combination.
QR codes, or black-and-white pictograms with encrypted data, can make it easier to find information or order a payment. They act as direct links, often connecting offline and online spaces. However, they are worth using with caution, as their convenience and speed are increasingly being exploited by cybercriminals. This modus operandi has even gained its own name - quishing.
Criminals create a fake website and then generate a QR code with a link to that website. They then place the code in a location from which it can be easily scanned - at bus stops, parking meters, leaflets and brochures or in emails.
The scammers come up with all sorts of ways to convince you to scan the code and enter your details or download a malicious app. When you scan such a code, you end up on a fake website. Therefore, it is always worth checking the address of the page to which the QR code redirects you.
When you see a sticker with a QR code in a public place, such as a bus stop or car park. The sticker tells you that this will make it quicker for you to buy a ticket or pay for your parking time. Beware, criminals can use this to direct you to fake websites where they want to scam you out of your details and money.
When you receive a leaflet or brochure on the street with discounts, e.g. to a shop or drugstore.
Also beware of QR codes sent for example in text messages or emails. If you don't know the sender or you see an error in the email address or in the body of the message, don't scan the code.
Fraudsters have found a new way to scam people. They offer "a job" that involves sending transfers from your account to other bank accounts to receive a salary.
A supposedly easy profit can turn into a quick loss when, after a few transfers, the money is no longer coming back.
These types of offers appear on social media and in closed groups on popular messengers.
You receive a message in which someone stranger offers you money in exchange for completing some non-committal tasks. Initially, this might be liking, commenting or sharing some material on the internet. You get paid for completing the task. These first steps are intended to build your confidence and encourage you to continue your "cooperation".
You then get a task to make a transfer from your account to get a return transfer plus an additional "bonus". You send the stranger your own money to get a return with the declared profit. The higher the amount of the transfer, the greater the promised return to your account.
At first, this scheme works - this is how criminals want to gain your trust and deceive your vigilance. Until, at some point, when you transfer a larger amount to an unknown account, the refund does not come and contact with the 'employer' stops.
We changed the address of the website where you log in to Millenet.
The domain in the site address has changed. You received more details in the message after logging in. Remember, we do not inform about the login changes in an email, but only in the bank's channels. We also do not send links in SMS messages.
The steps of logging in and the data we require (Millekod, Password 1 and 2 characters of the identifier) did not change
The appearance of the website after logging in to Millenet did not change
The address of the main page of the bank did not change: https://www.bankmillennium.pl - you can still start logging in on the homepage and we will redirect you to the login page
When you log in to your account via Millenet, remember these rules:
Check the address bar before you enter your personal details
If you see errors, typos or don't recognise the address - do not log in
We always ask for only Millekod, Password 1 and two random characters from your ID (e.g. PESEL number)
Do not enter your full ID or payment card details on the login website - we never ask for this
In the Millenet settings you can enable the security image - it will always be displayed after you enter your Millekod. This way you can be sure that you are logging in on our website
Remember that we do not send links in external emails and SMS messages
They impersonate Bank Millennium and other well-known companies (popular VOD platforms, music services, courier companies, online stores) and send fake e-mails. For example, you can get information about your subscription expired on the streaming platform or about unusual activity on your account and the need to unblock it. Later, the scammer's pattern of operation is similar - they urge you to log into your account and provide your personal and payment card details, or download malicious applications.
Do not click on unknown links and do not install any applications from such messages - we never send login links in e-mails and text messages
If you want to visit the Bank's website, do not use external links, it is safer to enter the address manually in the browser
Never log into your bank account on websites other than the Bank's website
Do not provide confidential data (login details, card details, document numbers, etc.) if you do not know the sender or the form of the message raises your doubts
Always carefully check the content of the message from the Bank confirming the transaction
Przestępcy wysyłają SMS-y, w których podszywają się pod firmę kurierską InPost oraz Pocztę Polską. W treści informują o błędnym adresie paczki lub brakujących dan
Fraudsters send SMS messages pretending to be from the courier company InPost and the Polish Post Office. In the content, they inform about an incorrect parcel address or missing details. They also provide a link to a page where payment card details must be entered.
In this way, the fraudsters gain access to the data with which they can pay with your card on the Internet or add it to a virtual wallet.
ych. Podają też link do strony, na której należy wpisać dane karty płatniczej.
W ten sposób oszuści zyskują dostęp do danych, dzięki którym mogą płacić Twoją kartą w internecie lub podpiąć ją do wirtualnego portfela.
Do not enter your payment card details on a site you are on for the first time and always check the website address carefully. If you spot a typo, spelling mistake or strange domain - don't enter your card details, passwords or other sensitive data!
Scammers send text messages with a link to funds that someone supposedly transferred to you using BLIK. If you receive such a message, do not click on the link!
Neither we, nor the BLIK payment operator - send such SMS.
If someone sends a BLIK transfer to mobile, funds will automatically be on your account and you do not need to confirm that you want to receive them.
If you receive such a message, do not click on the link! Keep in mind other security rules.
Do not download applications that you do not know - you can unknowingly infect your device.
Log in to your account only in the application and on the bank's website
When logging in to your account, do not give your full ID, PESEL or payment card details - we only ask for two random characters.
Do not give your bank or email login details to anyone - this is confidential data.
If anything raises your doubts, please let us know. You can call us on the special telephone line: 22 598 44 44 (fees according to the operator's price list) or via e-mail: kontakt@bankmillennium.pl.
Cybercriminals are not idle, this time they impersonate tax offices. You may receive an e-mail or text message about your tax refund - beware of such messages. If you receive such an SMS or e-mail, report it to us.
Scammers send out false information that you can get a tax refund. They will send you a link to a site that impersonates a tax authority or government site such as the Ministry of Finance, the National Tax Administration and the Tax Office.
Do not click on the link sent in such correspondence! Tax offices or Ministry of Finance do not offer taxpayers to collect overpaid tax via e-mail or SMS.
If you inadvertently go to such a page, do not give out your personal details, internet banking login details, payment card details and account numbers!
Watch out for new phishing attempts by cybercriminals! Scammers send email or SMS messages telling you that you need to update or authenticate your data to avoid having your account locked. We do not send such messages and never offer any system or data updates via email or SMS. If you receive such an SMS or e-mail, report it to us - write via inbox or call the dedicated helpline at 22 598 44 44 (fee according to your operator's price list).
Your account is not compliant with the "new security system"
Access to your account has been or will be blocked
At the same time, the message contains a link to: update, authenticate or unlock. Do not click on such links!
And if you by mistake go to such a page, do not enter any personal information, online banking login details, payment card details and account numbers. Inform us immediately about such a situation.
The scammers impersonate PGE (Polska Grupa Energetyczna) or other providers and inform that you are in arrears with the payment and you are at risk of power cut. Be careful and don't click on the link in the SMS.
If you have any doubts, if the message is true, please contact your electricity provider. Always search for the current contact number on the provider's website.
Tell us about anything suspicious by calling the dedicated helpline: +48 22 598 44 44 (fees in accordance with the operator's price list) or via e-mail: kontakt@bankmillennium.pl.
As a gesture of solidarity with the war-stricken Ukrainians, we have waived our fees for foreign transfers to Ukraine. We want to help, but at the same time we ask you to be vigilant.
When others join forces to help, scammers waste no time and take advantage of our good intentions.
Therefore, before you transfer money, check the account numbers and credibility of the collections you are supporting with your donations.
Before you donate, check the official website of the organization to see if it runs a collection. Compare the information and account numbers.
If you make transfers to private recipients - send money to those you really know, do not copy account numbers from social media.
Use verified payment methods and avoid those you don't know.
Don't give others information about fundraising that you can't verify.
Don't fall for phone calls from purported uniformed services that "extort" you to donate money.
Don't click on links in e-mails and text messages.
Don't give out your account or e-mail passwords or payment card details to anyone or enter them on unverified websites.
Only log into your bank account on our website or through our mobile app.
Update the operating system and anti-virus software on the devices you use.
If you suspect an attempted crime or if you have been defrauded in this way, inform us and report it to the police.
Your passwords for confirming operations will be now delivered from the sender named Millennium. Currently, from Millennium sender you receive for example, information about important documents waiting for you in Millenet or agreements to sign. Before entering the code from the SMS, always check if the name and amount of the transaction agree with the operation you are performing – if you see a different transaction name, do not enter the SMS P@ssword and contact us.
If you want, you can change the method of confirming transactions and instead of retyping passwords, confirm operations in the Bank Millennium mobile app.
Recently, fake ads impersonating Bank Millennium's offer and informing about cash prizes for loyal clients have appeared on social network. To get the prize, you are asked to give your MilleCode.
Remember these rules to use online banking system safely:
do not give your MilleCode and login details to anyone
do not log in to your account on websites other than Bank Millennium's websites
do not enter the entire PESEL / ID card / passport number and telephone number when logging in (only 2 randomly selected identifier digits are required when logging in)
do not enter payment card details while logging in - we never ask for it
read carefully each SMS that you receive from us - check the operation you are confirming (the amount, type and number of the transaction), mind the language of the message
If anything raises your doubts, please let us know. You can call us on the special telephone line: 22 598 44 44 (for landline and mobile phones; fees according to the operator's price list).
We have received signals about false e-mails sent by scammers impersonating Bank Millennium. They inform about money transfer. To see the details and invoice you are asked to click on the image with link. In fact, it leads to website with malware in order to steal your data and get control over your device.
We never send any links via e-mail or SMS!
Messages with transfer confirmations are sent only when you request it and they are sent only from the address: powiadomienia@bankmillennium.pl
They impersonate DHL and send SMS messages informing about the necessity of additional payment for the shipment, e.g. due to customs duties.
There is a link in the SMS that directs you to the fake website of the courier company, from which you can download the "shipment tracking" application. In fact, it is malware allowing to steal money from your account.
do not click on links in emails or SMS as well as do not download unknown applications, available from a link nor any attachments to emails, especially if you are not sure about the sender or if the message raises any doubts
do not share login details with anyone (we never ask for MilleCode or P@ssword 1 by emails or SMS)
log in to Millenet only at Bank's website and before logging in check if yo see a closed padlock in the address bar
install anti-virus software on all devices used to log in to your bank account, remember to update it on regular basis
Fake Rossmann and Sephora ads have appeared on social network (e.g. Facebook, Instagram).
The scammers inform about free cosmetics available in special offer. To get them you are only asked to pay the shipping cost by giving your payment card credentials. Card details obtained in this way are used for transactions for larger amounts.
Remember a few rules when paying by card online:
before making a purchase, check if the offer is trustworthy and approach extremely bargain prices with more caution - look for opinions on the Internet on independent portals
verify information about promotions on the seller's official websites
do not provide your card details in unknown stores, do not send photos or a scan of your payment card to anyone - the data from the card can be used to make online transactions
when paying for the transaction, check the details and amount before confirming it with an SMS P@ssword or Mobile Authorization
install anti-virus software on all devices you log into the bank account and update them on a regular basis
Remember that you can restrict your card at any time in Millenet and in the mobile app or by calling +48 22 598 41 14 (fee according to the operator's price list).
If you notice any suspicious offers online, please let us know.
Fraudsters send e-mails informing about disabled account or payment card.
Bank Millennium sends no such messages or any links via email or SMS!
Also, we never ask to enter payment card details (number, validation date, CVV2/CVC2 code) to unlock it nor we ask to make a money transfer to unlock the account.
If you receive such a message, please let us know.
do not click on links in emails or SMS, especially if you are not sure about the sender
do not download unknown applications, available from a link nor any attachments to emails, if you don't know the sender or the message raises any doubts
do not share login details with anyone (we never ask for MilleCode or P@ssword 1 by emails or SMS)
log in to Millenet only at Bank's website and before logging in check if you see a closed padlock in the address bar
when logging in to Millenet, do not enter full PESEL or an ID number, we ask only for the 2 randomly selected characters
when logging in, never enter your payment card details
install anti-virus software on all devices used to log in to your bank account, remember to update it on regular basis
Bank has recently received new signals that scammers impersonate TeleMillennium helpline consultants, calling to inform you about suspicious activity on your account/payment card. They ask for personal data and can ask you to install the application, which enables remote control of the user's device.
do not download any fishy apps - Bank consultants never encourage you to download any applications for quick customer service etc.
do not share confidential data with anyone, e.g. PESEL number, your payment card number or CVV code - our helpline consultants never ask for such data
never share login details to your bank account - Bank consultant will never log in to the system for you
log in to your bank account only on Bank's website and while logging in keep in mind that the system never requires entering a full PESEL number or a full ID number - only two randomly selected characters.
Komenda Główna Policji i FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP ostrzegają przed próbami oszustw przy inwestowaniu w kryptowaluty oraz na rynku Forex.
Inwestycje w kryptowaluty, a także na rynku Forex co do zasady są legalne, ale oszuści wykorzystując fałszywe serwisy internetowe, podszywają się pod pośredników i oferują ułatwienia w inwestowaniu.
Przestępcy nakłaniają potencjalnych pokrzywdzonych do zainwestowania pieniędzy, obiecując wysokie i szybkie zyski bez ryzyka. Proponują pomoc przy inwestowaniu, dlatego zalecamy wysoką ostrożność przed podjęciem decyzji o przeznaczeniu pieniędzy na taki cel.
Wyłudzeń dokonują osoby, które podają się za tzw. „brokerów” inwestycyjnych – pracowników firm pośrednictwa i doradztwa inwestycyjnego. Firmy te reklamują swoje usługi w mediach społecznościowych, serwisach internetowych oraz aplikacjach mobilnych. Przyciągają uwagę i starają się uwiarygodnić swój przekaz za pomocą wizerunku:
„przeciętnego Kowalskiego”, który szybko zyskał dzięki współpracy z „pośrednikiem”,
powszechnie znanych i rozpoznawalnych osób (sportowców, polityków, aktorów, dziennikarzy, celebrytów) - bez ich wiedzy, zgody i na podstawie zmanipulowanego przekazu.
Oszuści kierują informacje do potencjalnych pokrzywdzonych i wskazują na możliwość osiągnięcia szybkich i wysokich zysków. Tego typu oferta jest nieprawdziwa i zazwyczaj kończy się utratą pieniędzy.
Nie ulegaj presji. Uważaj na pozornie atrakcyjne oferty. Nie działaj pochopnie, pod wpływem chwili i emocji. To może być oszustwo!!!
Jeśli przeczytasz artykuł czy post w mediach społecznościowych lub skontaktuje się z Tobą osoba, która proponuje:
szybki i wysoki zysk dzięki inwestycji w kryptowaluty lub na rynku Forex;
instalację aplikacji na telefonie lub komputerze, która ma posłużyć do zakupu kryptowaluty lub wykonania operacji na rynku Forex;
wsparcie w inwestycjach i obsłudze aplikacji przez „analityka”, którzy zadzwoni do Ciebie i udzieli pomocy,
zastanów się, zachowaj zdrowy rozsądek i ostrożność.
Komenda Główna Policji i FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP zalecają:
Sprawdź wiarygodność podmiotu. Zweryfikuj opinie w Internecie, np. w połączeniu ze słowem „oszustwo” lub „scam”. Nie poprzestawaj na jednej stronie z opiniami;
Nie udostępniaj nikomu danych do logowania w bankowości elektronicznej i mobilnej;
Nie udostępniaj nikomu danych poufnych dotyczących Twoich kart płatniczych;
Nie przesyłaj nikomu skanów swojego dowodu osobistego;
Nie instaluj dodatkowego oprogramowania, na urządzeniach z których logujesz się do bankowości elektronicznej;
Jeśli otrzymasz przelew od nieznanego nadawcy, pod żadnym pozorem nie przekazuj środków dalej, nawet jeśli „Twój doradca” o to prosi – nieświadomie możesz brać udział w przestępstwie.
Jeżeli podejrzewasz, że jesteś ofiarą oszustwa skontaktuj się ze swoim bankiem oraz złóż stosowne zawiadomienie na Policji.
Komenda Główna Policji
FinCERT.pl – Bankowe Centrum Cyberbezpieczeństwa ZBP
In the most frequently used fraud scenarios involving the phishing of payment card or login details, the main exposed persons were those making payments - buying goods on the Internet. Recently, however, we have observed a new type of abuse also directed against people who display goods on local buying and selling portals. Recently, scams of this type appeared on the OLX platform.
The fraudulent data is used by fraudsters to make online transactions from the card or add it to the fraudster's electronic wallet, which will allow him to perform further transactions from the account related to the card, also in stationary stores.
any communication outside the sales website - the scammers contact mainly via external communicators
links directing to the sales offer, delivery order or payment - double-check the address of the page to which the link transferred you
linguistic errors, typos or other inaccuracies on the website - if something raises your doubts, do not provide your personal data and payment card details under any circumstances
If anything raises your doubts, please let us know. You can call us on the special telephone line: 22 598 44 44 (for landline and mobile phones; fees according to the operator's price list).
If you are a buyer, the criminals impersonate the OLX platform and encourage you to use the option with delivery or the surcharge for the parcel. They also use an external communicator for this. The scam message contains a link that redirects you to a fake payment card phishing website.
If you are selling goods, it might look like this:
You post an advertisement with the goods you want to sell.
A potential buyer comes to you and starts a conversation with you, usually using a popular messenger, and not directly through the page with the advertisement.
The buyer argues that he will make the payment for the goods and shipment by transfer to your payment card and for this purpose sends a link to the payment.
The link directs you to the page where you must provide payment card details (full card number, expiry date, authorization code) and confirm your willingness to receive payment by entering a password from an SMS.
Bank has recently received signals about false emails sent by scammers impersonating Bank Millennium. They inform about loyalty bonus, available after clicking on the link. The link leads to fake login page, where you are asked to enter MilleCode and P@ssword 1, and then your payment card details.
We inform that Bank sends no such messages or any links via email or SMS! Also, we never ask you to enter your payments card details while logging in your bank account.
Police informs about emails regarding alleged banking fraud. The message, allegedly signed by the Police Headquarters, is accompanied by an attachment with malware that infects or completely blocks the device.
messages on social network and communicators, e.g. message from the fraudster impersonating your friend and asking for a BLIK code to make an urgent payment
ads on social networks pretending to be Bank Millennium's offer and informing about cash rewards
Zawsze dokładnie sprawdź nadawcę i treść otrzymanej wiadomości oraz nie klikaj w nieznane linki i nie instaluj żadnych aplikacji z takich linków.
Dodatkowo przypominamy, że Bank nigdy nie wysyła do Ciebie wiadomości e-mail czy SMS z linkami oraz nigdy nie prosi o podanie poufnych danych w ten sposób.
You receive a call from a person saying their work in a bank, and claiming that someone tried to log in to your account, sent a money transfer for you or tried to take a loan using your name.
It's a stressful situation and for sure you want to act immediately to secure your money. But be careful! It can be a fraud scheme. How can you check, if you are talking to the real bank employee?
Now you can check it easily in our mobile app. During the phone call, say you want to verify the consultant's identity in the app.
If you are talking to our employee, you will get push in the app, where we will confirm the name of the consultant calling you.
If the caller refuses or will give you inaccurate data - hang up and let us know by calling +48 22 598 44 44 (fee according to your operator's price list).
Keep in mind that our employee will send you push notification only via banking app. Our employee will never send their personal details via e-mail, SMS, or any messenger app.
Confirm identity securely on the mobile app
You can now securely and conveniently confirm identity when you talk with our consultant on the phone.
1
Our employee can propose to send you a notification in the app at the start of the phone call: "Confirm operation in the app". Tap on the notification and log in to the app.
2
Once you have logged in, you will see a screen confirming your identity to the consultant and checking the consultant's details.
3
When you confirm - both you and our employee can now be sure that you are talking to the right person and not a criminal pretending to be someone else.
Keep this in mind
When you confirm your identity in the app, our employee will not ask you for additional details. If you do not have an app, the consultant will confirm your identity in the usual way: he or she will ask you about your details and products at our bank.
Our employee will not ask you for your password or PIN under any circumstances.
You will only receive a notification confirming your details in the bank app. Our employees do not send links or business cards via chats or SMS messages.
Take a quiz and see how much you already know
It's good to know as much as you can about how to be secure online, when you use your account or pay online, or even when you pick up the phone from a stranger.
We have prepared 6 thematic quizzes for you. Test your knowledge of cyber security!
It's an attempt to catch you in scammers' nets, who e.g. impersonate your bank.
What for? To make you pass your personal data, login or payment card details. As a result, your account or card will be accessed by unauthorized persons who can order transactions or impersonate you.
But how? The scammers send e-mails or SMS-s persuading to act immediately, such as:
'Your bank account has been blocked'
'Pay fee for your card'
'Your parcel has been withheld due to underpayment, settle the arrears'
'On ... the execution was initiated. Possibility of amicable repayment for PLN 8.44'
Be careful
Do not click on links and do not download any applications unless you know the sender of the message.
You will never receive such a message from Bank Millennium, because we do not send any links in e-mails or SMS.
When you log in on the bank’s website, look at the address bar. Check if the website address is right, there are no typos or misspellings and if the connection is encrypted (icon with a closed padlock).
If something looks different than usual, please do not log in - we always inform about it when we change something on the login page.
On the login page, we always ask for only two randomly selected characters of the identifier - never enter the entire PESEL number or the entire document number.
Fake consultant, or vishing
How do you know that the person you are talking to on the phone is really who they say they are? This is obviously very difficult, and it is easy for fraudsters to gain our trust and obtain sensitive data.
How to defend yourself?
Don't share login details with anyone - only you should know them.
The bank consultant can ask you to provide MilleCode, but will never ask for your login password.
Malicious software, or malware
How does it work? You get an e-mail or an SMS with a link to download an app or 'very important' attachment. You click on it and this way you infect your computer, phone or tablet.
What for? This one click allows to install a malicious application or program on your device that can, for example, track your activity and download data, or take control of your device completely.
Keep in mind:
never click on unknown links
don't download attachments if you don't know what's in them or you don't know the sender of the message
do not install unchecked applications - preferably before installing an application, look for comments about it in the application store
Card frauds
How? You enter your card details in an unchecked store, or in response to fake e-mail, you give someone your plastic card or write your PIN on the card or a sticky note attached to the card.
What for? The fraudster needs your card details to make online transactions or tokenize the card, for example in Google Pay service. To pay in a stationary store the fraudster needs your card, and for larger payments also PIN.
How to defend yourself?
Never scan the card, do not pass on the data from the card to anyone
Pay with your card in trusted online stores
Carefully read the terms and conditions of internet subscriptions you accept (sometimes the first month is free, and the next one is charged a high fee)
Do not give your card or PIN to an unauthorized person (e.g. waiter in a restaurant or bar
Message from "a friend"
Your friend informs you via messenger app that he need money at once, he will return tomorrow and you only need to give him a BLIK code. Or he sends you link to the transfer (PayByLink).
What do you do? At first, everyone is probably willing to help their friend. Yet, be careful! This may be a fraud scheme. Before you help your friend, make sure It really is your friend - scammers could have get access to his account. The best you can do is to call him and ask if he really is in need.
Fake stores and ads
How does it work? Scammers publish fake ads and fake stores' websites. Very often they give "special offers" or even rewards to get your attention and persuade you to use their offer.
Don't get yourself "caught":
Before taking advantage of such a "great deal", try to verify that it is trustworthy.
You can search for comments on the Internet about a given company or a specific website.
If you have any doubts, do not order a payment or share your details.
Fraud on cryptocurrency exchanges
How? You come across an ad promoting easy ways to invest in cryptocurrencies:
"You don't need to know anything about investing"
"We guarantee quick profit"
"We will do everything on your behalf, only scan your payment card/ID and give us your login details/SMS P@ssword"
What for? To extort your personal details, login details to your bank account or payment card details, and above all, to persuade you to transfer your money. Unfortunately, when you want to withdraw your funds, contact with the "broker" is broken and the money transferred cannot be recovered.
How to defend yourself?
Check the credibility of the broker. Check online reviews, for example in conjunction with the words "fraud" or "scam". Don't stop at just one review page.
Do not share your bank account login details with anyone.
Do not share confidential information about your payment cards with anyone.
Do not send photos/scans of your ID to anyone.
Do not install suspicious software on devices from which you log into your bank account.
If you receive a transfer from an unknown sender, do not forward the funds under any circumstances, even if "your Advisor" asks for it - you may unknowingly be involved in a crime.
How? The scammer goes to the mobile phone salon claiming to be you and asks for SIM card replacement. The operator blocks the old SIM card and gives the fraudster a duplicate.
What for? To take control of the authorization of your transactions.
When you should realize that you are a fraud victim?
When you want to use your phone, for example call someone, and it is impossible.
If such a thing has happened to you, be sure to report it to your mobile operator and check your account.
We take care of your online security
Secure solutions
We use various security features in Millenet and Bank Millennium mobile application - we use the latest technologies and we design services so that they are very safe.
Operations ordered in the electronic banking system need additional confirmation. Thanks to it, you can be sure that no online transfer or card payment will be ordered without your knowledge.
Transaction limits, i.e. the maximum amount you can order in a given operation or in total on a given day, will provide you with additional protection. You can easily adjust the limits to your needs in the settings in Millenet or in the mobile application.
In Millenet and in the mobile app, you can temporarily lock or restain a card that has been lost or stolen at any time. You do not have to wait for a call to the helpline or for the opening of a Bank branch.
To protect your data and your money, as of 1 June 2024, we check whether your PESEL number is restricted when you open an account or want to use credit products.
This means that if your PESEL is restricted and someone wants to illegally use your data with our bank - we will prevent this from happening.
