Phishing and Payment Cards

Protect your card details from attacks by internet fraudsters

Phishing is the fraudulent acquisition of sensitive information from your payment card (such as the card number, card validity, PIN or three-digit CVC/CVV code on the back of the card). The fraudster tries to obtain this sensitive information from you by pretending to be a bank, a merchant you already deal with, or the VISA/Mastercard corporation.

We will never request that you disclose to us your card or CVV/CVC details, your PIN or the SMS authorisation number confirming card payment over the internet (3D Secure).

Phishing can occur through email, SMS, on social networks or fraudulent websites, e.g., through a fake checkout page or payment gateway. These details can also be elicited by telephone (known as vhishing).

How can you protect yourself?

  • Set reasonable limits for online payments (if you do not make online payments on a daily basis, set your online payment limit to zero; that way, in the event of phishing, your card is protected). Online limits are daily. Setting and changing limits is free via your internet banking.
  • Do not respond to requests to disclose information in the following cases:
    • You are told that you have won goods or services but you are required to enter your payment card details in order to receive them
    • Fraudulent websites – check the displayed URL (the ‘www’ address).
    • Do not respond to warning messages about a blocked card or account or about the need to change password with a request to enter your card details, usually by filling in a form.
    • Do not click on links; instead, enter the URL or ‘www’ address you want to go to directly into the address bar of your browser.

More information