Security and data protection
Protect your finances against fraudsters and thieves on the internet and beyond.
3 rules for your security
Always check who you’re talking to. A scammer can pretend to be anyone.
Never share your login details, passwords or card numbers.
Be careful what you confirm or pay for – and to whom.
Happening Now
Scammers are increasingly sending fake requests via WhatsApp asking people to vote in contests or polls. And what’s worse, the message may not come from a stranger, but from one of your contacts. As soon as you open the link in the message and “verify” yourself according to the instructions, scammers will gain access to your WhatsApp account. They will then lock you out, gain access to your conversations, and use your contacts to try to steal from them.
How the scam works
You’ll receive a message via WhatsApp from a number belonging to someone you know, asking you to vote in a contest or poll and including a link. The message may not contain any errors or typos and may look very credible.
After opening the link, you’ll be asked to verify your identity to vote via WhatsApp using a QR code or verification code, or you may be required to enter additional information. The moment you do this, you’re giving the attacker full access to your WhatsApp account, including your conversations, photos, and contacts. And if they want to, they can take over your account.
The scammers will then send a message from your WhatsApp account to some of your contacts asking to borrow money to trick them out of their funds, and to others a deceptive request to vote with a fake link. This allows them to gain access to more accounts and contacts, which they can exploit in the same way.
How to protect yourself against this scam
- Do not click on links asking you to vote that you receive on WhatsApp. Not even if they are sent from a number belonging to someone you know.
- If you receive a request to send money, always verify the information by phone outside of WhatsApp.
- Enable two-step verification in the app settings.
- Never enter a verification code into WhatsApp or scan a QR code unless you are intentionally linking another device yourself. Never share incoming codes with anyone.
- Do not connect WhatsApp to other unknown devices, and check the app settings to see which devices are currently linked to your account.
On a positive note: if your WhatsApp account has been compromised or you’ve lost access to it, you can recover it by following these steps. We recommend that you then warn all your contacts who may have already received a loan request or poll from your account.
NFC (Near Field Communication) technology is commonly used for convenient contactless payments by mobile phone or smartwatch in shops. Fraudsters have now found a way to abuse this technology and steal money from you.
How does the scam work?
- You may receive a call from someone pretending to be a bank employee, a police officer or a representative of the Czech central bank. They claim that your account has been compromised and urge you to install a “security app” immediately.
- Shortly afterwards, you receive an SMS or a message via WhatsApp or a similar service with a link to download the app. The app looks convincing and often imitates the official website or branding of a bank or the Czech central bank.
- After installation, the fraudster instructs you to place your payment card against your phone and enter your card PIN into the app for “verification”.
- By placing the card against the phone, the card details are transferred to the malicious app. The fraudster then gains full access to your card and can withdraw cash from ATMs or pay in shops as if they physically had your card – without you realising it.
How to protect yourself against the scam?
- Never place your payment card against your phone at the request of someone else and never confirm anything by entering your card PIN.
- Do not install apps you do not know from links in SMS messages, WhatsApp messages or similar services.
- Always verify who you are communicating with. Fraudsters can pretend to be anyone. The police and central bank staff never contact people about a compromised bank account.
A scam that begins with a message pretending to be from a child or grandchild is once again spreading across the Czech Republic. The supposed family member asks for money, claiming to be in trouble. If you believe the message and send the money, you will lose it.
How does the scam work?
- You receive an SMS, a message via a chat app or an email from an unknown sender.
- The sender introduces himself/herself as your child or grandchild.
- In the message, he/she claims to be in trouble, says he/she is writing from a friend’s device and that he/she needs money.
- A variation of the scam involves claiming he/she has a new phone number. The conversation then continues, and in subsequent messages, he/she asks for money under a fabricated pretext.
- Along with the request, he/she sends a bank account number for you to transfer the money to.
How to protect yourself against the scam?
- Verify that you are truly communicating with your child. Contact him/her using a phone number you already know, or reach out through other channels or his/her friends.
- Do not share any sensitive information in a message unless you are 100% certain that you know who you are talking to.
- Be careful about what and to whom you are paying. Never send money to an unfamiliar bank account if you do not know exactly who it belongs to.
Glossary
Investment Scams Offer
Vishing
CEO Fraud
"Nigerian’ Scams"
Phishing
Ransomware
Fake Merchants
Malicious software (malware)
Fraudulent invoices/change of account number
Phishing and Payment Cards
Holiday scam tactics
Has someone scammed you?
Don’t hesitate – use our first aid support.
Contact your bank immediately – don’t hesitate, call even if you only suspect something.
Call us 24/7 via George or on 277 207 207
From abroad, call us 24/7 on +420 956 777 901
Change your banking login details in your George
- Change your security settings for Bank ID in George.
- Forward any suspicious emails, SMS messages, chats or call recordings to our dedicated mailbox: podvody@csas.cz.
- Report the fraud to the police – you’ll help protect not only yourself but others too.
- Block your payment card in George.