Before continuing, let us explain what we use cookies for. This CaixaBank website collects data on your browsing using its own and third-party cookies, which we analyse to:

  • Improve our website, products and services.
  • Customise the content (e.g., with video recommendations for you).
  • Customise the advertising you see for our products or services.

The content and advertising are personalised using a profile of you created from your browsing data (for example, what sections of our site you visit). You can find out more about how we use cookies in our Cookie policy.

Set up cookies
Reject
Accept
  • Personal Banking
  • Business Banking
  • EN
    Spanish language. Press to change

    Spanish language. Press to change

    Close
    • Spanish
    • Català
    • Euskera
    • Galego
    • Valencià
    • Deutsch
    • English
    • Français
Open account

CaixaBank (Go to home)

Access Open account

CaixaBank (Go to home)

Open your account Access
 
  • ...Searching!

    Soon we will show results

  • Follow your search

    More results

  • Security
  • Avoid the new traps used by cybercriminals

Avoid the new traps used by cybercriminals

Cybercriminals know that users are most vulnerable to their attacks during times of change and transformation. With the onset of the global pandemic, for example, they took advantage of the fear caused by the public health emergency, and used the coronavirus as bait for their cyberattacks. 

With the merger between CaixaBank and Bankia, the millions of customers must be more alert than ever to possible scams targeting them, since there are an increasing amount of attacks that impersonate CaixaBank and Bankia.

The messages used by cybercriminals are evolving, as they tailor them to the current merger process and to customers' day-to-day lives. The transition from Bankia's old online banking system to the CaixaBankNow app is now the main bait for their scam messages.

How can you identify these attacks?

These scams can use multiple routes of attack, even combining more than one to try to gain the victim's confidence. Whether by means of emails, fake SMS or fraudulent calls, cybercriminals usually always try to create the feeling of urgency with the victim with highly relevant arguments. They invite you to click on an illegitimate link in order for the victim to enter confidential details on a false website or to download malware. Once the user enters their details, they will be in the hands of the cybercriminal, who can use them to steal their identity to, for example, try to access their online banking. 

 

These attacks can also look very different: with a mistake in the text, or without a single spelling mistake; with fake CaixaBank and Bankia logos, or the real ones copied from legitimate websites. But don't fall into the trap of believing that scam messages always have poor spelling or look strange. Cybercriminals continue to improvise and create messages that are increasingly difficult to spot. 

How can you avoid them?

Users must learn to carefully analyse all communications they receive before opening any link or attached document or disclosing information to third parties by any means, following these key points:

The golden rule to avoid falling for this type of scam

Log in to CaixaBank Now only from the official app or via www.caixabank.es.

Remember that neither CaixaBank nor any other legitimate company or institution will ask its customers to disclose their login passwords for their online banking or online services. You must never share your passwords, your personal details or your phone number with anyone.

If it is an urgent message, stop: think twice

Cyberattacks usually inform users, via SMS or fake emails (smishing and phishing, respectively), that their bank accounts have been blocked. This is something that causes great concern for the user and may cause them to click or disclose information without considering whether the message makes sense. 

So before doing anything, think: Does it make sense for my bank, this person or any other company to send me this message?

Is the sender who they say they are?

The body of the message, the subject, the signature, the logos, etc., can all be easily manipulated in a phishing email to impersonate any person or institution, such as CaixaBank. Even the sender, the address from which the email is sent, can be manipulated and display a very similar address or even the same as the bank's actual address. 

The same is true for fake SMS. Both the text of the message and the phone number that appears on the screen can be manipulated and show one that is very similar or the same as the legitimate telephone number. 

So the first thing you should do is carefully check the sender's email address or number to rule out any possible manipulation.

Watch where you click

To ensure that links are legitimate, check where they lead before opening them.  If they are in an SMS, the safest option is to access the information offered through the app itself or the website of the service.

Clear up any doubts

If you cannot be 100% sure of the legitimacy of a message, whether it comes from a friend, a colleague or a company, before clicking on links or annexes, it is always advisable to contact the sender via another official channel (by telephone, for example) to confirm the authenticity. This way you can determine if the message received is genuine or not.

And if you detect suspicious transactions in your account or you have provided your details in what you think is a fraud campaign, contact your branch manager immediately or call the customer service helpline 24 hours a day at 93 887 25 25/900 40 40 90 or +34 938 87 25 25 if you are abroad.

Don't forget: Only log in to CaixaBankNow from the official app or via www.caixabank.es. CaixaBank will never ask you for personal or bank details or your phone number by email or SMS.

    • Contact us Got a question? We’re here to help you.
    • Customer support Access to submit an official complaint.
    • Online banking From your computer or your phone.
    • Set an appointment Through the CaixaBank app or website.
  • Products

    • HolaBank Account
    • HolaBank Cards
    • HolaBank Mortgage
    • Interest-bearing Deposit
    • Insurance
  • It may interest you

    • Digital Banking
    • HolaBank Club (Opens in a new window)
    • Moments Discounts
    • Sustainable products
  • Corporate information

    • Corporate website (Opens in a new window)
    • CaixaBank Research (Opens in a new window)
    • Awards and acknowledgements (Opens in a new window)
    • Headlines
    • Sustainability (Opens in a new window)
    • Work with us (Opens in a new window)
    • Accessibility
    • CAS
    • CA
    • ENG
    • FRA
    • DEU
    • VAL
    • EUS
    • GAL

© CaixaBank, S.A. 2025

  • Cookies policy
  • Privacy
  • Legal notice
  • Interest rates and information
  • MIFID
  • Legal information about CaixaBank, S.A.
  • Sello de Excelencia EFQM (Abre en ventana nueva)
  • Western Europe
  • Banco más innovador (Abre en ventana nueva)
  • Certificación ISO
  • AQmetrix