What phishing is?
Phishing is a scam to acquire confidential information on customers and their passwords by masquerading as another entity, normally a financial institution.
How they works - examples
- Attacks are made via fraudulent emails, SMS or phone calls by someone posing as another entity.
- The emails or SMS are redirected to a fraudulent website that looks like the authentic website. Here, users are asked to introduce personal data and passkeys, e.g. credit card numbers, PINs, passwords.
- Following are sample emails and webs that attempt to imitate those of CaixaBank.
- Remember, your name and surname, as well as the last few digits of your ID card should appear in the subject line. This information is not included in fraudulent emails.
In the following example, the linked page imitates Línea Abierta.
What does CaixaBank do?
- CaixaBank never asks for personal passwords, data or PINs by phone, SMS or email. Not even to renew or activate a card.
- Emails from CaixaBank also include links to a web page that does not request any password.
- Emails from CaixaBank never link directly to the Línea Abierta remote banking service.
- Emails from CaixaBank are easily identifiable. All include your name and the last few digits of your ID card in the subject line. Example:
When you access the Línea Abierta remote banking service, your name appears at the top of the screen:
In addition, the date and time of the latest connection appear in the lower left-hand side of Línea Abierta. Always verify that these data are correct.
Precautions
Be careful as fraudulent emails and websites can be highly complex and sophisticated.
In short:
- Fraudulent emails attempt to obtain personal information. CaixaBank never asks for user information, passwords or credit card data.
- Urgent messages threatening to suspend your account unless you provide data immediately are probably some kind of phishing. CaixaBank would never contact you via email for this reason.
- Requests for confirmation of personal data by email are another phishing tactic. CaixaBank does not ask for verification of personal data via email.
- Spelling mistakes and other errors may alert you to a fake email or website.
In case of doubt, call the Customer Care Service at once.