How to prevent phishing attacks on your bank account

N26
N26
Feb 8, 2018 · 5 min read

The state of phishing

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. —

How to prevent a phishing attacks on your bank account — N26 Magazine

How does phishing work?

Phishing is usually done over e-mail or instant messaging, sending the user via a link to a an “apparently legitimate” site where they gather the user’s data or are infected by malware (ie. trojan).

There isn’t a one-size-fits-all defense against phishing attacks.. Phishing can come in all shapes and forms, even someone lying to you in person. So while you can’t avoid liars after your info, you can get better at spotting them.

Criminals can launch targeted phishing campaigns directed at employees’ organizations or their customers. It’s a bit like a criminal marketing campaign.

In the same way that marketing is becoming more innovative and intrusive, phishing will become more targeted and effective.

Phishing and banking

Since banking is “where the money is,” phishing practices have evolved to better compromise banking and financial information. One out of four phishing targets and these are attacks are becoming .

Online banking phishing scams are constantly evolving. So, at N26 it’s something we’re always on the lookout for.

How to protect yourself from phishing

N26 will never contact you personally for information related to your account (login, password, Credit card number…), or your identity (ID card, Social Security number…). We will not contact you to get an information that we already have.

A phishing attack normally works by creating a false feeling of security. Most phishing emails or websites look just like real ones. The whole point is to fool you into giving away your access information.

Example of an N26 phishing website

6 ways to protect yourself from a phishing scam attempt

  • Do not share your bank login with anyone, even if the person claims to be a bank employee.
  • Choose an email provider that offers two-factor authentication as well as spam, malware and phishing filters and will display an alert if something look suspicious.
  • Only use your login on the official bank app (ie. N26 app link), never download the application from somewhere else. If you’re an N26 customer, never use login informations on another domain than or
  • Copy and paste URLs from emails and check them before visiting
  • But particularly — don’t click on a link if you received an email that asks you to perform an action that you didn’t initiate (reset password, validate your account…)
  • Always check a link before clicking on it. Hover over it to preview the URL, and look carefully for misspelling or other irregularities.
  • Bank websites always make use of HTTPS on their websites. If you cannot see the green lock icon in the browser or see the “https” prefix before the site’s URL, \ it’s likely that the site isn’t secure. Here is how should appear in different browsers.

Internet Explorer 11

Microsoft Edge

Firefox

Safari

Chrome

Here are some clues that might give away a phishing attack after your bank information

  • Messages with misspellings and typos, multiple fonts or oddly-placed accents.
  • Messages that claim to have your password attached. A bank should never send you your password as an attachment,
  • Mismatched links. Hover over a link and make sure the link actually goes to the place shown in the email.
  • Messages asking for your personal information. If you’re an N26 customer, we will never ask you for:
    ○ Your account password
    ○ Your social security number or tax identification number
    ○ Your full credit card number or PIN
  • Messages claiming that your account will be deleted or blocked unless you take immediate action.

What to do and not do if it seems phishy?

Be wary of any unusual requests and trust your gut If a request seems suspicious, it probably is!

If a request seems suspicious

Don’t

  • Click on any links
  • Open or download attachments
  • Reply
  • Trust contact information displayed in the email

Do

  • Report it to your bank. For N26 uses, please forward the suspicious message to .
  • Check if the request is legitimate. Feel free to call our Customer Support service using our number .

Going further

  • Limit the personal information you disclose on social media or on the internet (including other websites, your emails, etc.).

At N26 we take security very seriously. We are a bank with a solid tech foundation So if there is a risk, you can believe we know about it. We’re constantly working to and are on a mission to help you and the world be a bit more security savvy.

We hope you find this article interesting and helpful!

The N26 Security Team.


Interested in joining one of our teams as we grow?

If you’d like to join us on the journey of building the mobile bank the world loves to use, have a look at some of the roles

InsideN26

It takes people of all makeups to create a bank that adapts to the needs of millions. That's why we mix data, intuition, and heart. To build a powerful tool, to make life that much easier. We're some of the best at what we do. And want you to be too.

N26

Written by

N26

We’re Europe’s first mobile bank. Follow us for articles about banking, technology and expat life.

InsideN26

InsideN26

It takes people of all makeups to create a bank that adapts to the needs of millions. That's why we mix data, intuition, and heart. To build a powerful tool, to make life that much easier. We're some of the best at what we do. And want you to be too.