Good practice

How to prevent becoming a victim of fraud? How do fraudsters operate? Which methods do they use? How to secure your funds and personal data from extortion? We would like to share our knowledge in order to help ensure your safety.

We have been cooperating with financial institutions and law enforcement for years, gathering information on the most up-to-date methods used by offenders. We hire the most experienced security specialists who are constantly raising their qualifications and improving their knowledge by participating in courses and conferences.

Our goal is to efficiently protect your personal data, money and provide security for all transactions completed with us. In order for this to happen, we have implemented complex security and monitoring systems because our main goal is to protect our website from being attacked.

In order to prevent offenders from breaching our security measures and breaking into our system, we use methods of high, international standards and our safety specialists are constantly monitoring the system for infiltration attempts. Both our knowledge and experience in detecting offenses, along with implemented security solutions and methods of constant monitoring and developed contingency plans ready us for different scenarios and thusly we are able to address them adequately.

Our actions are not enough, we need your cooperation. As one of our users, you can do a lot to help to improve the safety of your money and personal data. In order to do this you don't have to follow expert websites or spend money or time. All it takes is some basic knowledge regarding good habits while using online currency exchange offices, online stores, auction portals or online banking. Through our mutual efforts, we are equipped to stand up to offenders. We share our knowledge to actively promote internet safety. Here are some basic rules:

  • Protect your password and login details. Do not write them down. Do not pass them on to a third party. It is always better to memorize them.
  • When setting a password, do not use data that can be easily connected to you, e.g. date of birth, your/ child's/ spouse's/ pet's name, eye colour, city you live in, etc.
  • Use password manager software (e.g. KeePass) and randomly generated passwords.
  • Change your password periodically, every quarter.
  • Do not use words from the dictionary or commonly known phrases as a password.
  • Do not reply to email messages where you are asked for your account access data. Remember! We never ask our users for their login details or password.
  • Secure your computer from malware by installing an antivirus program which updates periodically.
  • Do not use old internet browser versions.
  • Remember to update your operating system.
  • When completing a transaction, do not connect to the internet by a wireless network of an unknown source.
  • Do not open email attachments that are received from an unknown sender.
  • When making a money transfer, check carefully if the data received in text messages along with the authorisation code are correct. Authorize your transactions only when you are certain that these details are identical.

Your money is not the only target of fraud. Your personal data is also a target. Why? It's simple. Fraudsters rarely act under their own names. They mostly use third-party data. In order to do this, they acquire it by stealing the identity of other people. Stealing is not the only method fraudsters exploit, both surreptitious and authorised “borrowing” of ID cards are used to open bank accounts and/or to impersonate the owner.

Another method is to simply steal an ID card. This is why in case of loss or theft of your ID card or passport, you should immediately head to the police and report it. You should also inform your bank. They will insert the lost ID card’s serial number into their database of reserved documents. You will avoid the unpleasant surprise of finding out that someone took a loan or committed a crime using your data.

Phishing is also used by fraudsters. The fraudster pretends to be a representative of the company or institution, which you are familiar with and trust. In this way, they try to extort personal data, such as your access data (username and password) for online accounts, online banking or credit card numbers. Nothing seems to be suspicious: you receive an email expressing a request to log in and confirm your data. The message is similar to the emails sent by financial institutions or other websites: they have their graphics and contain their logo and because of this, no doubts are cast. However, the fraudster made sure that your data was not sent to the institution or store, but to them.

Another money extortion technique is the action of the fraudsters trying to install malware on your computer. This enables them to take control of money when you are making an online money transfer. Malware can be unconsciously installed by opening a file attached to an email from an unknown recipient. This kind of software can change the recipient's bank account number when sending a money transfer online. It can be counteracted by checking the transfer details thoroughly during its authorization e.g. via text message.

On September 14th, 2019, new regulations of the Payment Services Act and the PSD 2 Directive will come into force in Poland. As a consequence, the way of logging in to our portal will change. Apart from providing the login and password, you will also need to enter a one-time code sent to you by email or text message. Other important activities performed in your account at, such as ordering a payment transaction or changing the phone number, will also be authenticated the same way.

As a result of strong customer authentication implementation, customers will receive an increased number of emails from banks and payment institutions related to the topic. Fraudsters may try to exploit this situation by impersonating financial services providers. Their goal could be to defraud money, infect a customer`s computer, or collect personal data illegally.

Therefore, the brands from the Conotoxia Holding, and advise you to read emails content very carefully and, if possible, compare it with other emails received from It is worth reviewing the sender`s address and footer. contacts its customers by sending messages from [email protected] Our representatives can also contact you directly. In that case, the sender`s address will match the following template: [email protected]

Remember that or

  • never asks for login details directly in an email,
  • never asks you to install any software on your computer or mobile device.

Fraudsters can send emails that are confusingly similar to those we send to customers. We warn you not to open activation links and attachments included in the messages.

Email messages in which the senders impersonate brands form Conotoxia Holding can be reported to us by phone (+48 68 410 99 50) or email ([email protected]).

Read more about the strong customer authentication here.

Start chat