Skip to main content

Phishing 2026 — fake IRS, USCIS, bank, USPS: how to recognize and defend yourself

SMS/email/phone call from "IRS" about unpaid taxes? "USCIS" about a delayed case? "USPS" about a stuck package? The most common phishing scams of 2026 targeting the Polish community. How to recognize them, how to verify, where to report.

Phishing is an attempt to obtain data/money by impersonating a known organization. In 2026, phishing is more personalized thanks to AI — messages sound natural, include your name, the names of the bank you use, and Polish language without errors.

Most common phishing scams targeting the Polish community

1. "IRS — unpaid taxes"

  • Email / SMS: "IRS notice: you owe $4,372 in back taxes. Pay immediately to avoid arrest. Call 1-800-XXX-XXXX"
  • Or: "Click to verify your tax filing"
  • Truth: The IRS NEVER:
    • Calls as the first communication (always sends a letter first)
    • Requires payment in gift cards / Bitcoin / Western Union
    • Threatens arrest or deportation
    • Asks for your credit card number over the phone

2. "USCIS — problem with your case"

  • Email: "USCIS: Your I-485 needs immediate response. Click here to verify."
  • Phone: "This is USCIS. Your case has been compromised, we need your SSN."
  • Truth: USCIS communicates only through:
    • US Mail (Form I-797)
    • Your online account at my.uscis.gov
    • Email ONLY if you provided your email and only from @uscis.dhs.gov addresses
    • Never asks for payments over the phone
    • Never threatens deportation in SMS/email

3. "Bank — your account has been hacked"

  • Email: "Chase Bank: suspicious activity detected. Click to verify your account."
  • SMS: "Wells Fargo: confirm your transfer of $850 to John Smith. Reply YES or NO."
  • Phone: "This is Bank of America fraud department. We see suspicious charges. Read me your card number to verify."
  • Truth: Your bank:
    • Email/SMS are generic — "Dear Customer", not "Dear [Your Name]"
    • Links in messages lead to YOUR bank (not to bit.ly/xyz)
    • Never asks for your full card number / SSN over the phone
    • If in doubt — hang up, call the number ON THE BACK OF THE CARD

4. "USPS — your package is on hold"

  • SMS: "USPS: package on hold due to incomplete address. Update here: usps-track.co/xyz"
  • The link leads to a site mimicking USPS asking for a $2 "fee" + credit card information
  • Truth: USPS:
    • DOES NOT send SMS unless you signed up for "Informed Delivery"
    • DOES NOT ask for payment for a package via SMS
    • The official domain is usps.com — not usps-track.co, usps-delivery.info, etc.

5. "Apple/Microsoft/Google — your account has been compromised"

  • Email: "Your iCloud account has been suspended. Verify now."
  • Popup: "Microsoft alert: Virus detected. Call 1-800-XXX immediately!"
  • Truth: Big Tech DOES NOT:
    • Send pop-up alerts requiring a phone call
    • Require payment of $200-500 for "repair"
    • Remotely control your computer via TeamViewer / AnyDesk

6. "Polish tax office / ZUS"

  • Email in Polish: "ZUS: Unpaid contributions. Log in to settle."
  • SMS: "Tax Office: arrears of 2,134 PLN. Pay via secure link."
  • Truth: Polish offices do not manage matters of Poles abroad via SMS/email. If there is a real arrears — a letter will be sent in Poland. Links in Polish emails are almost always fake.

7. "PSFCU / PNA FCU" (Polish community banks)

  • Phishing targeting Polish customers of Polish banks
  • Email in Polish with the bank's logo
  • Asks for "re-verification due to system change"
  • Check: the domain must be psfcu.com (not psfcu-secure.com, psfcu.online, etc.)

8. "Polish Immigrant Center" / "Consulate RP"

  • Latest: scams impersonating Polish community assistance organizations
  • "Your passport requires renewal. Fill out the form."
  • "Consulate: Your case Polish Card. Pay $200."
  • Truth: Polish community organizations rarely ask for money via email. The consulate NEVER sends payment requests online with links.

How to recognize phishing — checklist

1. Sender's address

  • Check the full address — not just "Chase Bank", but "no-reply@chase.com" vs "no-reply@chase-bank.security-update.net"
  • Phishing often uses: chase-secure.com, banking-chase.net, chase-verify.help
  • Official Polish domains: gov.pl, zus.pl, podatki.gov.pl, mf.gov.pl

2. URL before clicking

  • Hover over the link (DO NOT click). In the lower left corner, see the real URL.
  • URL shorteners (bit.ly, tinyurl, t.co): suspicious if from an official organization
  • If mobile: long-press the link to see the URL before clicking

3. Message content

  • Generic ("Dear Customer") = red flag
  • Urgency ("ACT WITHIN 24 HOURS!") = classic scam technique
  • Spelling errors in the content (less in 2026, AI has improved, but they still occur)
  • Polish in English emails (or vice versa)
  • Strange logos / low quality

4. Attachments

  • .exe, .scr, .zip — NEVER open from unknown sources
  • .pdf — double-check
  • .doc/.xls with macros — disable macros in Office packages

5. Requests

  • SSN / date of birth / card number → NEVER via email
  • Passwords → no bank/office EVER requires this
  • "Log in via this link" → go to the bank's website yourself (type the domain in the browser)

Best defenses

1. 2-Factor Authentication (2FA)

Enable on all accounts. Even if a scammer gets your password, without the 2FA code they cannot access it.

Related: [[2fa-password-manager-how-to-secure-accounts]]

2. Password Manager

Unique password for each account. Bitwarden, 1Password, LastPass.

3. Email filtering

  • Gmail / Outlook has good spam filters
  • Activate "report phishing" — you teach the system to recognize scams
  • Add banks / offices to "safe senders"

4. Browser security

  • Use Chrome / Firefox / Safari with up-to-date versions
  • uBlock Origin or similar ad-blocker (blocks fake-malicious ads)
  • HTTPS Everywhere (enforces encrypted connection)

5. Do not open links from SMS

SMS with links → 95% are scams. Go to the organization's website yourself and check the matter.

What to do if I clicked / entered data

  1. Immediately change the password for that account and all other accounts where you used the same password
  2. Enable 2FA if not already
  3. Check transactions in all banks and cards
  4. Report to the bank if you entered financial data
  5. Credit freeze at 3 bureaus
  6. Report to the FTC: reportfraud.ftc.gov
  7. Report to the organization that the scam impersonated (e.g., Bank of America fraud line, USCIS phishing report)

Where to report phishing

  • FTC: reportfraud.ftc.gov
  • FBI IC3: ic3.gov
  • IRS phishing: phishing@irs.gov (forward email)
  • USCIS phishing: report.fraud@dhs.gov
  • USPS phishing: spam@uspis.gov
  • Email phishing: report to Gmail/Outlook "report phishing"
  • Polish office: cert.pl/zgloszenie for phishing in Polish

Frequently asked questions

Can I respond to an SMS from a banker?

NO. If in doubt — call the number ON THE BACK OF THE CARD (not from the SMS).

"A man from the consulate" called, asking for $200 for an urgent matter

Scam. The consulate NEVER requires payment over the phone. All fees are paid at the consulate in person or through their official portal.

I received an email from my CEO — asking about gift cards

This is a "CEO scam" / Business Email Compromise. Very popular in 2026. Verify by PHONE (do not reply to the email). 99% of such emails are scams.

I already uploaded a program from the popup "Microsoft Alert"

Turn off your computer. Call an IT specialist. Do not use this computer for banking/email accounts until it has been cleaned.

Official links

Related: [[ai-voice-scam-grandson-in-trouble-how-to-recognize]] · [[2fa-password-manager-how-to-secure-accounts]] · [[identity-theft-and-credit-freeze-how-to-secure]]

Official sources

Related topics:

Was this guide helpful?

Help others — share your experience

Answer one question below. Your answer will help people in similar situations.

Have you ever received a phishing message pretending to be from the IRS or USCIS? How did you recognize it?

Your response will be reviewed before publication.

Comments (0)

No comments yet. Be the first!


Add a comment

Log in to skip email verification, or comment as guest:

Comment may be moderated before publishing.