Fraudsters impersonate an Orlen. How to recognize false investments?

A 67-year-old resident of the Zamość poviat cheated at 60,000 zloty. The 66-year-old Pabianiczanka lost 130,000 zloty. Over 95,000 disappeared from the account of a 67-year-old resident of the Witkowo commune. PLN, and from the account of the 69-year-old from the Tomaszów poviat-90,000 The common denominator of all these cases is the method that the fraudsters used to extort money – for the alleged “investment in Orlen”.

Orlen reminds that he does not conduct campaigns promoting fast profit and does not contact clients on investment by phone. Fraudsters impersonating the brand try to extort data and money – don’t be fooled!

The examples cited above are just a clipping of police statistics and press reports from this year. They are also not the lowest amounts extorted by online cheaters. In 2022, a resident of Bydgoszcz lost 330 thousand in a similar way. PLN, and a resident of the Nowy Targ poviat – over 290,000 Record loss? Over 540 thousand PLN – this is how much a Gorlican maned for fraudsters.

In the crosshairs, not only seniors

In addition to the scale of financial losses – these are often savings of the lives of victims – notes the fact that the victims of fraud are very often seniors. People of advanced age are more and more willing to use the Internet and modern devices, means and methods of communication, such as social media. However, they are most susceptible to social engineering tricks in which cyber-vocals specialized.

Fraud usually starts with an advertising on the web, which encourages “some investment with fast profit.” Clicking takes the user to the page where he is asked to provide contact details. Then follows the phone of an alleged adviser, which presents the “exclusive investment offer”, often limited in time. The manipulated victim overflows money, and sometimes – worse – installs software that allows fraudsters to take control of the device and the bank account.

Why are “on Orlen” so effective?

Orlen is a brand that inspires trust and is one of the most recognizable companies in Poland and Europe. He took first place in the ranking “200 largest Polish companies 2024”, published by the weekly “Wprost”, and on the prestigious list of five hundred of the largest European companies, Fortune 500 Europe, is currently in position 32, at most of the Polish organizations.

Only in 2024, the Orlen Group generated revenues of PLN 297 billion and the company’s EBITDA operating profit amounted to PLN 35.5 billion before write -offs. Capitalization, i.e. the value of all securities of the listed company remaining on the market is currently PLN 74 billion. This makes you under such a brand can look credible.

Another trick is the promise of a high and quick return on investment. To strengthen the message, fraudsters often use the image of famous people, for example celebrities or politicians. On false commercials you can find photomontages of Robert Lewandowski or Andrzej Duda.

The new weapon in the arsenal of fraudsters is generative artificial intelligence. The tools available in the network allow you to create images, sound and video using the image of real people; created in this way the so -called Deepfake is to increase the credibility of false advertising.

Cybercriminals use generative AI tools that allow you to create realistic news, graphics and movies. False messages often look like professional advertising content.

Fraudsters more and more bold

Dangerous links can be found even in Google search results after entering the phrase “Orlen investments”. False ads also appear more and more often on information services, where advertising systems integrated with these portals are automatically served, e.g. Google Ads.

Only in the first quarter of 2025. The Computer Safety Response Team, appointed by the Polish Financial Supervision Authority and operating in its structures, reported to the company Meta, the Operator of the Facebook social network, over 1,500 ads of false investments, referring to pages conducted by fraudsters.

There is no indication that this trend is to turn around. This is evidenced by statistics regularly made available by CSIRT KNF. Experts, who deal with monitoring and analysis of cyber criminals, extorting funds on a daily basis, as well as detecting and blocking fraudulent pages alert the constantly growing number of detected dangerous domains.

While in 2021 CSIRT KNF identified and reported to block 11,468 domains, through which cybercriminals stole the data for login for electronic banking, information on payment cards or personal data, in 2022 there were 17.2 thousand, and in 2023 – over 30,000 In 2024, a record 51.2 thousand was detected. dangerous domains, of which – attention – almost 46 thousand, i.e. over 89 percent, concerned false investments.

What does Orlen do?

The Orlen Group has been warning against fraud for years. As part of the information campaign, the concern publishes messages in the media, conducts educational activities and informs about the methods of cyber criminals, including at: www.orlen.pl/pl/stotrzebam

Orlen reminds that:

does not run any campaign encouraging investment in financial instruments, guaranteeing a quick and high return,
The company’s employees do not contact clients on investment by phone.
The company’s communication takes place only through the official Orlen.pl and OrlenewPortfelu.pl websites or the official profile of the Orlen Group on YouTube.com.

How to invest safely?

Orlen securities can only be purchased through licensed brokerage houses and banks conducting brokerage activities. The list of these institutions is available on the website of the Polish Financial Supervision Authority. Before implementing the investment, you should check both whether the entity is on the KNF list and whether he has found a list of public warnings kept by the Commission.

Investment decisions should not be made based on online advertising. With the highest care of caution, you should approach contact attempts on the part of persons claiming to be investment or financial advisors, whose identity cannot be verified in any way (for comparison: a connection with a consultant calling from the bank can be authorized by a bank mobile application on a smartphone).

We also warn against providing such people with confidential information in form, e.g. a scan or photo of an ID card, login data in electronic banking, payment card number or CVV number. Any interaction to install in an additional software device, for example, enabling remote access to it, should be treated as a potential threat.