Security

Press to expand
Back to top

Bank fraud

How to protect yourself against it





What is a bank fraud and how can it affect you?

 

Bank fraud means any attempt to trick you to obtain money or personal information. It can appear in various forms – deceptive messages, suspicious calls, or hidden methods to gain unauthorized access to bank accounts. Be careful and protect your data!

Need help? Report any suspicious activity:

E-mail: infocenter@unicredit.ro

Phone: +40 21 200 2020

Blocking card: 0800 888 111

  • Avoid replying to messages that requires personal or financial information. If you receive messages asking for personal information or a link, ignore them. It could be a sign of bank fraud.
  • Don't install apps or access suggested sites received through unsolicited phone calls or messages.
  • Make sure you access banking apps directly from official sources, such as the bank's website or mobile app, and not through links received via SMS or email.

How do you recognize and prevent various types of bank fraud?

Phishing and Smishing (suspicious emails and SMS):

How happens?

  • You receive messages asking you to record your card details or passwords or
  • You receive links that lead to webpages that look like the bank's website (even though you're not that bank's customer or haven't requested any additional products), but it's a fake site.

How to protect yourself from this type of fraud: Don't provide personal or financial data. Report any suspicious messages, emails or accounts to the competent authorities and to the bank.

 
 
 
 

 

Spoofing (fake phone calls):

How happens: Someone calls you, pretends to be from the bank and request for the card PIN/ payment applications, other personal data or asks you to transfer some money. The fraudster creates pressure by insisting to act immediately, sometimes suggesting you not to tell anyone about the call, including the bank. Request for as many details as possible about the reason for the received call to make sure that the caller is from the bank.

How to protect yourself from this type of fraud: Hang up the call and call the bank immediately using the official numbers.

Skimming (ATM frauds):

How happens? Attackers stick hidden devices at ATMs to copy your card data (e.g. the keypad or card insertion slot are duplicated/overlapped).

How to protect yourself from this type of fraud: 

  • Make sure that the ATM does not have traces of vandalism, glue, connected devices or marketing flyer boxes/stands;
  • Cover the keypad every time you enter your PIN and avoid ATMs located in isolated areas.

Social media frauds:

How happens? Fake accounts that invite you to share your personal information or make various payments.

How to protect yourself from this type of fraud: Do not discuss personal data on social media platforms and report suspicious accounts directly on the platform.

Frauds related to cryptocurrencies, stock market investments or direct investments in energy/oil/gas companies:

How happens: Have you open ads on Youtube, Facebook or other social networks that have transferred you to dubious sites that requires you for personal data to further be contacted by phone by an investment broker? Have you received offers that promise huge investment gains? It's a trap.

How to protect yourself from this type of fraud: Check the legitimacy of the offer and do not send money or personal data to strangers.

WhatsApp frauds

How happens: Malicious persons who could pretend to be friends, family members or representatives of institutions, under various pretexts, can ask you for a WhatsApp verification code received, they can send you a code with the indication to enter it in the WhatsApp application for device pairing or they can send you a link to a site where it is requested to enter the phone number and a code in the Whatsapp application;

How to protect yourself from this type of fraud: Don't transfer money as a result of the request received through the WhatsApp app. Before making any transfer, make sure that the request based on which you make the transfer is an authentic one, call the person from whom you received the request to confirm!

What can I do if I have clicked on a suspicious link and provide information on payment instruments (card, internet / mobile banking)?

 

1. Block the card immediately:

You can do this from the Mobile Banking app or by calling the bank's emergency number to report the fraud.

 

2. Change passwords

Change passwords where possible for remote payment instruments.

 

3. Check your device (phone, laptop, computer):

Install and run an antivirus to identify possible threats.

 

4. Notify the authorities:

Report the incident to the Romanian Police (petitii@politiaromana.ro), the National Directorate of Cyber Security (DNSC) through the PNRISC platform or by calling 1911 and the Bank (infocenter@unicredit.ro).ca (infocenter@unicredit.ro). 

How can I stay protected online?

 
  • If something sounds too good to be true, it could be a fraud. 
  • Don't open attachments or click on links that look suspicious.
  • If you're asked for confidential information (banking information, passwords), refuse to provide data until you confirm the authenticity of the message.
  • Do not provide your bank card details (card number, CVV code, PIN) to receive money. If someone needs to send you money, they need to ask for your IBAN. The card is used as a payment instrument, NOT as a income tool, unless the merchants will refund the money on your card when you physically return a product!
 
  • Install an antivirus and update it regularly. 
  • Scan your device if you suspect it may be compromised.
  • Check if the website you are accessing is reliable for shopping (the presence of the padlock symbol in the address bar, the payment methods on the site, the MasterCard SecureCode and Verified by VISA logos).
  • Do not use the option to remember the card number in your browser.
 
  • Learn how to recognize bank fraud and what steps to take to protect yourself.
  • Always check before following up on requests from strangers.
  • Get information only from official and reliable sources (e.g. www.dnsc.ro, www.sigurantaonline.ro, www.unicredit.ro the Security section).
 
 

Your online safety starts with information and prevention!

If you have any questions or need assistance, the UniCredit team is here to support you.

Questions & Answers

Currently, the most exploited methods of bank fraud are phishing and vishing, but attackers frequently change their way of operating and identify new options to try to obtain personal data, taking advantage of the trust and, in many cases, lack of knowledge of users to commit fraudulent acts.

To keep you safe, avoid answering an email/phone call asking for confidential, financial, or personal information.

Don't risk when it comes to security: it's important to recognize phishing attempts so you don't fall into fraudster net.

Lately, attackers pose as bank officials and falsely use bank phone numbers or similar phone numbers.

  • Refuse calls that seem suspicious to you from the start, even if they claim to come from banks or other authorities and their or similar phone numbers appear. 
  • DO NOT provide anyone with personal data on the phone or bank details (username, Mobile/Internet banking password, card number, security code written on the card cover , card PIN, etc)! The bank never asks for information regarding passwords to access the bank account, data from bank cards or data used to authorize card payments / in Mobile Banking / Online Banking (internet banking application). Do not respond to such requests and hang up immediately the call.
  • Always check the official phone number of the entity from which you are called on official communication channels, before giving out personal information.
  • The bank never calls its clients to cancel loans or to promise them the recovery of sums of money.
  • Report suspicious calls. If you receive a call that seems suspicious, immediately inform the bank/institution on whose behalf the call was claimed to quickly help identify the fraud attempts.

To avoid online fraud, make sure that the websites you use for online shopping are safe. Also, make sure that the name of the page in the accessed link does not contain spelling mistakes or strange characters and do not keep the card data saved in the browser, as such practices can increase the risk of bank fraud.The more well-known the online stores you intend to buy from, the higher the chances that their websites will be safe. Check the site's search bar for an image of a 'padlock' and for the site's address to start with HTTPS (the letter 'S' is an indication that the page is secure).

Also, make sure that the name of the page in the accessed link does not contain spelling mistakes or strange characters and do not keep the card data saved in the browser, as such practices can increase the risk of bank fraud.

Data security is particularly important to us. In order to prevent bank fraud, we take care that any information relating to our customers, employees or partners remains confidential and is processed in accordance with legal requirements.

In order to ensure an adequate level of security regarding the processing of personal data, the Bank has implemented technical and organizational measures regarding: pseudonymization and encryption of personal data where the situation requires it, ensuring the confidentiality, integrity, availability and resilience of the processing systems and services, the ability to restore the availability of personal data and access to them in the event of an incident of a physical or technical nature, the processes for the periodic testing, evaluation and assessment of the effectiveness of technical and organizational measures to guarantee the security of processing.

Specific measures to address operational and IT security risks include network and system security, data security, data availability, identity and access management, connection and monitoring of production environments, organizational and human security measures, deliberate protection of IT data, notification procedures on data privacy breaches.

Connecting to public Wi-Fi networks can increase the risk of bank fraud. It is recommended, as much as possible, not to connect to public Wi-Fi networks. But if you don't have any other option, you should never access confidential or private information while using public Wi-Fi. By connecting to these systems, we expose ourselves directly to a cyber-attack. Criminals can collect our information to later sell it to other fraudsters or even use it themselves, for theft purposes or even to impersonate us.

A bank fraud can be detected early by monitoring your account frequently. Check the transactions in your bank account at least twice a week and, if possible, activate the SMS or push notification alert service in the Mobile Banking app, which automatically notifies you of any transactions that involve the release of money from your account. If you notice any transactions or fees that are strange, contact the bank immediately and ask for clarification, and in the case of unsolicited transactions, report the situations immediately and communicate information that can help identify the origin of the crime.

You can monitor in the electronic applications you use (Online/Mobile banking), such as the modified account balance, pending payments or transactions that you do not recognize.

If you identify any suspicious changes or have fallen into the fraudsters trap of fraudsters, have given them your personal or bank details, have installed unknown applications on your device, please immediately call the Info Center service, available 24/7, at the numbers: +40 21 200 2020 or *2020 to report a possible bank fraud.

If you suspect that your card details have been compromised, you have the option to instantly block your card from the Mobile Banking app. 

If you are a victim of fraudsters or believe that they have tried to gain access to your bank details, please contact UniCredit Bank using official channels (at +40 21 200 2020 or by email at infocenter@unicredit.ro), the Romanian Police and the National Directorate of Cyber Security (DNSC).

Never reveal your card information to other people, such as the card number, expiration date, the 3-digit security code on the back of the card – CVV/CVC or PIN, static password or 3D secure password. 

When shopping online, make sure of the authenticity of the website and the reputation of the merchant. By providing card data and codes received by SMS, you actually offer the possibility for criminals to steal money from your account. Do not provide your bank card details (card number, CVV code) to receive money. If someone needs to transfer money to you, they need to ask for your IBAN, not your card ID. Providing your card details to unknown people can lead to serious bank fraud.. 

Personal and financial information should not be disclosed to unauthorized, unknown persons who contact you either by phone, social media or email. To avoid bank fraud, it is recommended to check the authenticity of the recipient. 

If you have any questions or need assistance, the UniCredit team is here to support you. You can contact us through the Info Center service, available 24/7, at the numbers: +40 21 200 2020 or *2020.

  • Ignore urgent requests for personal data, passwords or PINs, it could be a sign of bank fraud. 
  • So are messages promising quick wins or requesting you to transfer money to "secure" accounts.
  • Calls from unknown numbers or from other countries, especially if you don't expect to be contacted.

Questions & Answers

Currently, the most exploited methods of bank fraud are phishing and vishing, but attackers frequently change their way of operating and identify new options to try to obtain personal data, taking advantage of the trust and, in many cases, lack of knowledge of users to commit fraudulent acts.

To keep you safe, avoid answering an email/phone call asking for confidential, financial, or personal information.

Don't risk when it comes to security: it's important to recognize phishing attempts so you don't fall into fraudster net.

Lately, attackers pose as bank officials and falsely use bank phone numbers or similar phone numbers.

  • Refuse calls that seem suspicious to you from the start, even if they claim to come from banks or other authorities and their or similar phone numbers appear. 
  • DO NOT provide anyone with personal data on the phone or bank details (username, Mobile/Internet banking password, card number, security code written on the card cover , card PIN, etc)! The bank never asks for information regarding passwords to access the bank account, data from bank cards or data used to authorize card payments / in Mobile Banking / Online Banking (internet banking application). Do not respond to such requests and hang up immediately the call.
  • Always check the official phone number of the entity from which you are called on official communication channels, before giving out personal information.
  • The bank never calls its clients to cancel loans or to promise them the recovery of sums of money.
  • Report suspicious calls. If you receive a call that seems suspicious, immediately inform the bank/institution on whose behalf the call was claimed to quickly help identify the fraud attempts.

To avoid online fraud, make sure that the websites you use for online shopping are safe. Also, make sure that the name of the page in the accessed link does not contain spelling mistakes or strange characters and do not keep the card data saved in the browser, as such practices can increase the risk of bank fraud.The more well-known the online stores you intend to buy from, the higher the chances that their websites will be safe. Check the site's search bar for an image of a 'padlock' and for the site's address to start with HTTPS (the letter 'S' is an indication that the page is secure).

Also, make sure that the name of the page in the accessed link does not contain spelling mistakes or strange characters and do not keep the card data saved in the browser, as such practices can increase the risk of bank fraud.

Data security is particularly important to us. In order to prevent bank fraud, we take care that any information relating to our customers, employees or partners remains confidential and is processed in accordance with legal requirements.

In order to ensure an adequate level of security regarding the processing of personal data, the Bank has implemented technical and organizational measures regarding: pseudonymization and encryption of personal data where the situation requires it, ensuring the confidentiality, integrity, availability and resilience of the processing systems and services, the ability to restore the availability of personal data and access to them in the event of an incident of a physical or technical nature, the processes for the periodic testing, evaluation and assessment of the effectiveness of technical and organizational measures to guarantee the security of processing.

Specific measures to address operational and IT security risks include network and system security, data security, data availability, identity and access management, connection and monitoring of production environments, organizational and human security measures, deliberate protection of IT data, notification procedures on data privacy breaches.

Connecting to public Wi-Fi networks can increase the risk of bank fraud. It is recommended, as much as possible, not to connect to public Wi-Fi networks. But if you don't have any other option, you should never access confidential or private information while using public Wi-Fi. By connecting to these systems, we expose ourselves directly to a cyber-attack. Criminals can collect our information to later sell it to other fraudsters or even use it themselves, for theft purposes or even to impersonate us.

A bank fraud can be detected early by monitoring your account frequently. Check the transactions in your bank account at least twice a week and, if possible, activate the SMS or push notification alert service in the Mobile Banking app, which automatically notifies you of any transactions that involve the release of money from your account. If you notice any transactions or fees that are strange, contact the bank immediately and ask for clarification, and in the case of unsolicited transactions, report the situations immediately and communicate information that can help identify the origin of the crime.

You can monitor in the electronic applications you use (Online/Mobile banking), such as the modified account balance, pending payments or transactions that you do not recognize.

If you identify any suspicious changes or have fallen into the fraudsters trap of fraudsters, have given them your personal or bank details, have installed unknown applications on your device, please immediately call the Info Center service, available 24/7, at the numbers: +40 21 200 2020 or *2020 to report a possible bank fraud.

If you suspect that your card details have been compromised, you have the option to instantly block your card from the Mobile Banking app. 

If you are a victim of fraudsters or believe that they have tried to gain access to your bank details, please contact UniCredit Bank using official channels (at +40 21 200 2020 or by email at infocenter@unicredit.ro), the Romanian Police and the National Directorate of Cyber Security (DNSC).

Never reveal your card information to other people, such as the card number, expiration date, the 3-digit security code on the back of the card – CVV/CVC or PIN, static password or 3D secure password. 

When shopping online, make sure of the authenticity of the website and the reputation of the merchant. By providing card data and codes received by SMS, you actually offer the possibility for criminals to steal money from your account. Do not provide your bank card details (card number, CVV code) to receive money. If someone needs to transfer money to you, they need to ask for your IBAN, not your card ID. Providing your card details to unknown people can lead to serious bank fraud.. 

Personal and financial information should not be disclosed to unauthorized, unknown persons who contact you either by phone, social media or email. To avoid bank fraud, it is recommended to check the authenticity of the recipient. 

If you have any questions or need assistance, the UniCredit team is here to support you. You can contact us through the Info Center service, available 24/7, at the numbers: +40 21 200 2020 or *2020.

Spinning wheel animation

Loading

UniCredit Logo

Manage your Privacy

To provide the best experience, we and our partners use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us and our partners to process personal data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Select one of the options below according to your choices. You can update your choices at any time by clicking the "Update your privacy options" icon at the bottom left of the screen or in the "Digital" > "Privacy" from the footer menu.

We use your data for personalized ads and content, ad and content measurements, audience insights and product development as long as you accept all cookies.

Ads and content can be personalized based on a profile. More data can be added to better personalize based on a profile. More data can be added to better personalize ads and content. Ad and content performance can be measured. Insights about audiences who saw the ads and content can be derived. Data can be used to build or improve user experience, systems and software.

More details about the Cookie policy.

Note: If you press the ESC key or the X button, only the necessary cookies for the operation of the site will be used.