Cybercriminals know that users are most vulnerable to their attacks during times of change and transformation. With the onset of the global pandemic, for example, they took advantage of the fear caused by the public health emergency, and used the coronavirus as bait for their cyberattacks

With the merger between CaixaBank and Bankia, the millions of customers must be more alert than ever to possible scams targeting them, since there are an increasing amount of attacks that impersonate CaixaBank and Bankia.

The messages used by cybercriminals are evolving, as they tailor them to the current merger process and to customers' day-to-day lives. The transition from Bankia's old online banking system to the CaixaBankNow app is now the main bait for their scam messages.

How can you identify these attacks?

These scams can use multiple routes of attack, even combining more than one to try to gain the victim's confidence. Whether by means of emails, fake SMS or fraudulent calls, cybercriminals usually always try to create the feeling of urgency with the victim with highly relevant arguments. They invite you to click on an illegitimate link in order for the victim to enter confidential details on a false website or to download malware. Once the user enters their details, they will be in the hands of the cybercriminal, who can use them to steal their identity to, for example, try to access their online banking. 


These attacks can also look very different: with a mistake in the text, or without a single spelling mistake; with fake CaixaBank and Bankia logos, or the real ones copied from legitimate websites. But don't fall into the trap of believing that scam messages always have poor spelling or look strange. Cybercriminals continue to improvise and create messages that are increasingly difficult to spot. 

How can you avoid them?

Users must learn to carefully analyse all communications they receive before opening any link or attached document or disclosing information to third parties by any means, following these key points:

And if you detect suspicious transactions in your account or you have provided your details in what you think is a fraud campaign, contact your branch manager immediately or call the customer service helpline 24 hours a day at 93 887 25 25/900 40 40 90 or +34 938 87 25 25 if you are abroad.

Don't forget: Only log in to CaixaBankNow from the official app or via CaixaBank will never ask you for personal or bank details or your phone number by email or SMS.