Hey bunqers 🌈
We strive to keep you and your money safe so that you can have the best banking experience ever. Although there are things that are out of our control, we want to keep you updated with the latest phishing and spoofing trends. You can check all the info you need regarding phishing and in particular spoofing below 🙌
❗️ Do you have suspicions regarding a phishing attempt? Report it directly to us in our report form and we'll investigate for you right away ❗
Important Note: Always be careful with your personal data and make sure to never share it with third parties. bunq would never contact you outside of the bunq app or its official channels and ask you to install any third party softwares, give your credentials, or any personal information (phone number, email address, Security Code, card number, IBAN, etc.). We will NEVER call you.
What’s spoofing?
Spoofing involves disguising the source of communication to make it appear as if it comes from a trustworthy entity when, in reality, it comes from an imposter. Scammers have been known to trick their victims by sending fraudulent links via SMS, Whatsapp or email. These messages or calls are made to seem as if they’re coming explicitly from our bunq telephone number.
❗bunq will NEVER call you via the phone. If you have any doubts of the message/call's legitimacy, don't provide any sensitive data to the respective person and contact us through the in-app chat or use support@bunq.com.
What types of Spoofing are most common?
Fake bunq phone calls ☎️
Fraudsters can call you and pretend they are bunq employees that want to help you by masking the number they're calling you from. By doing so, you get a call from an unknown number, or it may look like we’re calling you from our own 24/7 emergency hotline +31208083666. They may ask you to follow a link, confirm or give away personal information, download softwares (such as TeamViewer, AnyDesk, Remote Desktop Protocol (RDP), etc), make transfers, etc. All these actions could lead to the loss of access to your account(s) and your funds.
🦹 Examples of tactics used by criminals on the phone:
- Use the name of real bunq employees and ask you to check this employee's account on LinkedIn, to make sure they work for bunq.
- “Inform” you that suspicious activities were detected on your account, such as a new device being added and/or suspicious transactions being started.
- Convince you to follow their instructions immediately to keep your account safe, and pressure you to take quick action.
- Following complex processes to create a sense of credibility, such as transferring your call to other “departments”, asking you to save procedure number, etc.
❗Please be informed that we only use this number to receive calls from our users who need urgent assistance. bunq will never call you. If any suspicious activity is detected on your account, we'll apply additional restrictions and/or contact you through the bunq app.
If you receive a phone call from someone pretending to be us, please report it here.
Fraudulent SMS messages 💬
Scammers are quite witty and creative in the ways they use to get your money. To get your attention
and worry you enough so you follow their instructions without a second thought, they can send a wave of fake messages seemingly from bunq using alarming words and phrases such as 'Suspicious device login', 'Verification required', 'Block', etc. They will also include a link, seemingly for your convenience, that you need to simply follow in order to take quick action and protect yourself.
If you follow the link, additional instructions follow via different channels - on a fake website, or via phone call/audio call, or text message. For example, you can receive an SMS from a Belgian mobile phone, while the fraudsters then call from a Dutch number. At some point you may be asked to scan a QR code and enter your bunq login details. A text may look like this:
The fraudsters will pretend they need you to do this in order to ‘secure your account’, falsely pretending to be members of the bunq team in order to gain access to your account, as well as all the information and assets in it.
Fake emails 📧
Similarly tactics from SMS fraud can be applied via email. A situation of urgency is insinuated and they copy bunq design and style on the email, in order to increase your chances to believe that email is legit. Always check whether the email is sent from one of our official emails for user communication.
If you've received an email and you're not sure if it's spoofing, check out the actual domains we use to communicate with you through email:
- @bunq.com - This is our primary domain and is used for transactional emails.
- @update.bunq.com - This subdomain is dedicated to sending bunq Update invites and general announcements.
- @WE.bunq.com - This subdomain is used for marketing communications.
- @review@bunq.com - This domain is used when we require extensive information and request additional documents from you.
How will bunq help me if I’m a fraud victim?
We understand that during challenging periods, having a conversation can sometimes be more effective than exchanging messages. Rest assured, we're dedicated to providing support to our users at every step of the way. If you're a fraud victim, we're going to take the needed actions and set a call with you through our encrypted channels.
We’re going to contact you through our safe and encrypted in-app chat to make an appointment for a call. You're going to be kept informed about the situation and further steps, while we implement measures to prevent any recurrence. However, it's important to remember that bunq will never call you and therefore we’re going to be expecting your call on the appointed day.
Keeping you safe
We’ve implemented some in-app security features, adding an extra security layer to your bunq account:
-Detection for remote access software: To prevent further loss of funds, we've placed a security feature that identifies the use of remote access applications like AnyDesk. Upon detection, we’ll automatically place a payment limit on your bunq account to prevent potential fraudulent transactions.
- IBAN-name check: Reducing the chances of incorrect transfers and potential fraudulent transactions, we've implemented a feature that prompts you to verify and confirm the details if a mismatch is detected between the recipient's name and their IBAN.
- Extra security warnings: Helping you stay vigilant and avoid falling victim to scams, we've introduced additional alerts that will notify you during potentially risky actions such as approving a login, initiating a payment, or modifying your daily limit.
- Reset your Security Code: For your safety, all other active login sessions will end after you reset your Security Code. If you want to log into your bunq account on a new device, you need to again verify your identity. This measure enhances the security of your account, particularly if you suspect it has been compromised.
Further information about our security features keeping you safe from fraudsters, can be found here.
If you want to read more about how you can avoid phishing and spoofing scams, you can find out some of our tips here.
If you receive a suspicious phone call, SMS, or email from somebody who tries to persuade you they represent bunq, be sure to alert us using our report form.
Related topics
Want to learn more? Explore more bunq knowledge here ✨
