Hey bunqers 🌈
We strive to keep you and your money safe so that you can have the best banking experience ever. Although there are things that are out of our control, we want to keep you updated with the latest phishing and spoofing trends. You can check all the info you need regarding phishing and in particular spoofing below 🙌
❗️ You have suspicions regarding a phishing attempt? Report it directly to us in our report form and we'll investigate for you right away ❗
Important Note: Always be careful with your personal data and make sure to never share it with third parties. bunq would never contact you outside of the bunq app or its official channels and ask you to install any third party softwares, give your credentials, or any personal information (phone number, email address, security code, card number, IBAN, etc.)
What’s spoofing?
Spoofing involves disguising the source of communication to make it appear as if it comes from a trustworthy entity when, in reality, it comes from an imposter. Scammers have been known to trick their victims by sending fraudulent links via SMS, Whatsapp or email. These messages or calls are made to seem as if they’re coming explicitly from our bunq telephone number.
❗bunq won't call you via the phone. If you have any doubts of the message/call's legitimacy, please don't provide any sensitive data to the respective person and contact us through the in-app chat or use support@bunq.com.
What types of Spoofing are most common?
Fake bunq phone calls ☎️
Fraudsters can call you and pretend they are bunq employees that want to help you by masking the number they're calling you from. By doing so, you get a call from an unknown number, or it may look like we’re calling you from our own 24/7 emergency hotline +31208083666. They may ask you to follow a link, confirm or give away personal information, download softwares (such as TeamViewer, AnyDesk, Remote Desktop Protocol (RDP), etc), make transfers, etc. All these actions could lead to the loss of access to your account(s) and your funds.
🦹 Examples of tactics used by criminals on the phone:
- Use the name of real bunq employees and ask you to check this employee's account on LinkedIn, to make sure they work for bunq.
- “Inform” you that suspicious activities were detected on your account, such as a new device being added and/or suspicious transactions being started.
- Convince you to follow their instructions immediately to keep your account safe, and pressure you to take quick action.
- Following complex processes to create a sense of credibility, such as transferring your call to other “departments”, asking you to save procedure number, etc.
❗Please be informed that we only use this number to receive calls from our users who need urgent assistance. bunq will never call you. If any suspicious activity is detected on your account, we'll apply additional restrictions and/or contact you through the bunq app.
If you receive a phone call from someone pretending to be us, please report it here.
Fraudulent SMS messages 💬
Scammers are quite witty and creative in the ways they use to get your money. To get your attention
and worry you enough so you follow their instructions without a second thought, they can send a wave of fake messages seemingly from bunq using alarming words and phrases such as 'Suspicious device login', 'Verification required', 'Block', etc. They will also include a link, seemingly for your convenience, that you need to simply follow in order to take quick action and protect yourself.
If you follow the link, additional instructions follow via different channels - on a fake website, or via phone call/audio call, or text message. For example, you can receive an SMS from a Belgian mobile phone, while the fraudsters then call from a Dutch number. At some point you may be asked to scan a QR code and enter your bunq login details. A text may look like this:
The fraudsters will pretend they need you to do this in order to ‘secure your account’, falsely pretending to be members of the bunq team in order to gain access to your account, as well as all the information and assets in it.
Fake emails 📧
Similarly tactics from SMS fraud can be applied via email. A situation of urgency is insinuated and they copy bunq design and style on the email, in order to increase your chances to believe that email is legit. Always check whether the email is sent from one of our official emails for user communication.
If you've received an email and you're not sure if it's spoofing, check out the actual domains we use to communicate with you through email:
- @bunq.com - This is our primary domain and is used for transactional emails.
- @update.bunq.com - This subdomain is dedicated to sending bunq Update invites and general announcements.
- @WE.bunq.com - This subdomain is used for marketing communications.
- @review@bunq.com - This domain is used when we require extensive information and request additional documents from you.
Keeping you safe
If you're still wondering how you can avoid phishing and spoofing scams, you can find out some of our tips here.
If you receive a suspicious phone call, SMS, or email from somebody who tries to persuade you they represent bunq, be sure to alert us using our report form.
Related topics
Want to learn more? Explore more bunq knowledge here ✨