Messages from authoritative sources aren’t always reliable. Think before you share your information!

bank phishing emails

Phishing refers to fraudulent emails that try to trick recipients into sharing their personal, financial or security information.

Signs

Scammers use fraudulent emails to try and deceive you.

placeholder

The email may look identical to the kind of communications that banks send.

placeholder

They ask you to download an attached document or click on a link.

placeholder

They convincingly replicate the logos, layout and tone of actual emails.

placeholder

They use language that conveys a sense of urgency.

Cybercriminals rely on the fact that people are often busy and, at first glance, these fake emails appear to be genuine. As a result, recipients take the email content seriously and act accordingly.

How to avoid phishing attacks

  • Keep your software updated – this includes browsers, antivirus and your computer's operating system.
  • Be especially careful if the email you received asks for sensitive information (e.g. the password of your online account). Your bank only communicates in a secure mode, in the reserved area of your home banking app.
  • Read the email carefully: look for inconsistencies and anything that just doesn’t add up.
  • Look out for small differences in the sender’s address: a zero might look like an “o”.
  • Hover the mouse over the sender's address and examine it carefully; if you can, compare it with previous messages you have received from your bank.
  • Check for spelling and grammar mistakes.
  • Do not respond to suspicious emails; instead, forward them to your bank, typing in the correct e-mail address yourself.
  • Do not click on links and/or download the attachment, but instead type the address into your browser.
  • Be careful when using a mobile device. It might be more difficult to spot a phishing attempt from your smartphone or tablet. You can’t “hover” over a suspicious link and the smaller screen makes it difficult to detect errors. If it is a fraudulent email, report it to your bank. If in doubt, contact your bank.
placeholder

Cybercriminals rely on the fact that people are busy; at first glance, these fake emails appear to be genuine.

placeholder

Be careful when using a mobile device. It might be more difficult to spot a phishing attempt from your phone or tablet.

bank phishing SMS texts

Smishing (a combination of the words SMS and phishing) describes fraudsters’ attempts to obtain personal, financial or security information via SMS texts. They claim to be a legitimate source, such as a bank, financial institute or service provider.

Signs

Scammers use fraudulent emails to try and deceive you:

placeholder

This kind of message asks you (usually with a sense of urgency) to click on a link to a website or call a phone number to verify, update or reactivate your account. The link leads to a fake website and phone number, and the call is answered by a scammer who pretends to work for an existing company. The aim is to trick you into revealing information that can help scammers to steal your money.

How to avoid falling victim to smishing

  • Don’t click on links, attachments or images you have received via text messages without checking the sender’s identity. You can do this by searching the number online (if it is a scam, you might not be the first victim!) or comparing it with the official number of the sender from whom you have seemingly received the text message.
  • Don’t rush it. Take your time and make the necessary checks.
  • Never respond to a text message that asks for your PIN, online account password or other security credentials.
  • If you think you have answered a smishing message and have supplied your bank information, contact your bank immediately.

Bank vishing phone calls

Vishing (a combination of the words voice and phishing) is a telephone scam in which fraudsters try to trick the victim into disclosing personal, financial or security information or into transferring money.

Cosa fare per evitare il vishing

  • Be wary of unsolicited telephone calls from companies or organisations you have not approached.
  • Note down the caller’s number and tell them you will call them back.
  • To check the caller’s identity, look for the phone number of the company or organisation (on their website or by searching online) and contact them directly.
  • Don’t give credit to the scammer by using the phone number they have given you (it could be a fake or counterfeited number).
  • Scammers can find information about you or about your business online (e.g. through social media). Do not trust callers merely because they have this information.
  • Do not give out the PIN number of your credit or debit card or the password of your online banking app. Your bank will never ask you for such information.
  • Do not transfer money to another account at someone’s request. Your bank will never ask you to do so.
  • If you think you have been targeted by a phone scam, report it to your bank.