Hey bunqers 🌈
In view of recent increase in social engineering scams such as phishing, we would like to help you recognise this type of fraud, so you can keep your account secure. In this topic you’ll see what are the regular steps phishers follow to gain access to a bunq account.
How can fraudsters gain access to my account through phishing?
Exactly the same way you would - by logging into your bunq account on a new device with your credentials.
In order to do this, they need something only you know (i.e. your login credentials) and / or something only you have (i.e. your magic link or QR code).
How do phishing attacks happen?
- The fraudsters mimic bunq steps for verification or identification - steps that we’d actually never ask you to do outside the bunq app 👀
They send a fake SMS requesting you to fill in your credentials on a website linked in the text you receive from them.
- This website is fake and imitates the familiar bunq look but doesn’t work properly - once you click on the link in the SMS, you’ll be asked to fill in your login credentials (or whatever info is requested) in a suspicious looking website 🪤
Fraudsters often don’t spend much time creating these websites, so if you notice that the website has a lot of imperfections, spelling mistakes, or anything else that just seems strange, it’s probably not a genuine site.
- The phishers get your credentials once you input your login info on their website and hit send🔐
Your information will be sent to the phishers and once they receive it, they login on your account from a different device.
Note: bunq would never request your credentials, magic links, nor any personal information outside the bunq app.
Want to learn more? Explore more bunq knowledge here 🌈