You’ve received an official-looking email asking for your bank information. Be careful!

Description of the fraud

  • You’ve received an email showing the logo of your bank, insurance provider, or government service.
  • This email asks you to send your personal information, such as your bank information and your password, or to follow a link to update your information.
  • The email can also threaten your account’s closure or administrative fines if you do not act.
  • You fall into the trap and give your information to the fraudster.
  • A large sum is withdrawn from your bank account.

You are a victim of Phishing: fraudsters take on an identity to steal personal information

Methods used

  • The email displays a financial mistake in your favor. They then invite you to follow the procedure to receive your reimbursement.
  • The fraudsters can present themselves as social networks, online buying and selling platforms, or platforms for the spread of digital content.
  • The General Data Protection Regulation (GDPR) can be invoked to request your personal information.

What to do if you are a victim of phishing scam?

  • Immediately change all passwords you gave to the fraudsters.
  • If you gave them your bank information, cancel your card and watch all activity on your account.

How to avoid the trap

  • Know that no bank or public body will ask you for important information over email.
  • Do not give in to the threats, especially if the fraudsters ask for your information over the phone (in this instance, it is called Vishing or Voice phishing).
  •  Check with the bank or public body to see if they sent the email. If you are a company’s customer and you receive an unexpected email from them, do not click on any link in this email. Call Customer Service or access your account directly online.
  • Never send personal information (like your bank account details) over the Internet or by mail. Never reveal your password either.
  •  Fraudulent emails can contain subject lines such as “verification requested”, “your account’s security”, “confirmation of information”, “updates to your personal information”. This is not to say that every email with subject lines like these is fraudulent, but that you must make sure it comes from the real source and not from a fraudster.
  • Verify the email address of the distributor: does it conform to the name of the company? In principle, a bank or any other civil service / administration will not use a free email service. As well, sometimes one or two letters can betray the authenticity of the email service used, or the website from which it was sent.
  •  Be careful when presented with emails containing spelling or grammar mistakes, or written in broken language.
  • Be suspicious of standardized emails, beginning with “Dear customers” and that tell you that you need to update your personal information or files.
  • If the email contains a suspect link to another website, solicit an expert’s opinion on the website phishing initiative.
  • Ask yourself if it seems likely to receive an email of the sort.
  • The best course of action is to never open suspicious emails. But if you do, don’t click on any links and never download any file attachments.

Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Innovation Council and Small and Medium-sized Enterprises Executive Agency (EISMEA). Neither the European Union nor the granting authority can be held responsible for them.