Everything you need to know about phishing

How to stay one step ahead of fraudsters

Phishing attacks are increasing, everywhere and in various ways and forms. Forewarned is forearmed or so the proverb goes. That is why we want to tell you all about phishing and share our best tips and tricks so you are always one step ahead of the fraudsters.


What is phishing?

Phishing is a form of online fraud where cybercriminals impersonate a supplier, business, or official body to trick you into divulging sensitive personal information and misuse this.

Fraudsters often search for this information online. So be careful what you share and with whom. A photo of yourself, your family, or your hobby on social media that is visible to everyone? Just what a cybercriminal is looking for. In addition, these malicious actors are increasingly turning to other channels: e-mail (phishing), SMS (smishing), telephone (vishing or voice fishing), social media, etc. Any form of communication can therefore be a potential threat.


How to identify a phishing scam?

A suspicious message looks like it came from a legitimate sender. Logo, font, signature... How do you know it’s a phishing attempt? Here are some questions to ask yourself:

  • Where did the message come from?
    If the bank sends you a message, we usually do this through one of the official channels: a specific e-mail address or (abbreviated) phone number. Did you receive a message about your banking from an e-mail address such as info@in-paulamonroe.shop? Chances are this is a phishing scam. But these fraudsters also use subtler methods, e.g., adding a letter to a domain name. So @helllobank.com instead of @hellobank.com. A small difference, but the added 'l' makes all the difference between your bank or a fraudster...

    Tip: Tap (smartphone) or hover your mouse (PC) over the sender to display the underlying e-mail address.
  • Does the message contain a sense of urgency?
    Cybercriminals often try to get you to do something quickly and in a rush, triggering your emotions and fears. Take, for example, the message "Your last payment to Netflix was declined. Please click on the link below to contact us. If not, we will cancel your subscription." The last thing you want is to not be able to watch your favourite series. Not sure what to do? Contact the company’s helpdesk or customer service. Whatever you do, never click on the link!
  • Does it sound too good to be true?
    Then it’s not true... Sometimes you may be tempted by an offer you can't refuse. A unique investment or an once-in-a-lifetime opportunity to invest in unique real estate. This is an example of investment fraud, where you pay for something that will never be built. Fake prize scams and 'sudden' unsolicited assistance are also in this category.
  • To which website does the link redirect you?
    You can often tell from the message to which website the sender is redirecting you. Is this the official website of the service or supplier? Check the URL before clicking on the link and compare it with the URL of websites you know. This takes a few minutes, but it can prevent you from falling for a scam.

    Tip: Want to know how to recognise fraudulent or spoofed URLs? You can find useful modules on the Safeonweb website (external website) to help you with this.
  • Does the message urge you to share passwords, codes, or other confidential information?
    Then chances are that you are the subject of a phishing attempt. A bank, the police, or a public service will never ask for your personal codes.

Did you answer 'yes' to any of these questions? Then don't click on any other links and contact the department from which the message (supposedly) originated. Use your common sense, dare to ask questions, and be critical. Not sure? Then stop now!


Useful information

Did you know?

  • The content of a suspicious message often looks perfectly legitimate? Fraudsters put a lot of time and energy into devising a plausible story.
  • A suspicious message does not necessarily contain spelling or grammatical errors?
  • The message is often very well written? Fraudsters speak perfect Dutch, English or French. And they are usually very friendly.
  • You should never share your secret codes, not even with your BFF? There is a reason why they are secret.
  • Safeonweb* (external website) offers training courses so you can expand your digital knowledge about online security?
  • The Safeonweb app* (external website) warns you about large-scale attacks with fraudulent messages?


Are you the victim of fraud?

  • Check your most recent transactions for unusual or suspicious transactions.
  • Call the Hello Team on + 32 2 433 41 45 (Monday through Friday from 7am until 10pm and Saturdays from 9am until 5pm).
  • Outside the opening hours of the Hello Team, you can call +32 2 433 43 75 (only if you suspect you are the victim of fraud).
  • Call Card Stop immediately on 078 170 170 (+ 32 78 170 170 from abroad) to block all your bank cards or block your debit card(s) through your Hello bank! app.
  • Make a statement to the police within 24 hours and send a copy of your hearing sheet to the Hello Team.
  • Check on which devices you have installed your bank app through Easy Banking Web (Settings > Access to our apps) or in the Hello bank! app (Settings > Security > Devices with our apps). Delete any devices that seem suspicious or that you don't know.

You can find more information on Safeonweb.be* and on the Febelfin website*.

* You are being redirected to another website. By clicking on this link, you will leave the secure Hello bank! environment and will be redirected to an external website that is not linked to or affiliated with Hello bank!. Please note that Hello bank! has not carried out any checks on this external website and therefore does not assume any responsibility for the content, information, products or services contained therein or the security thereof. Please contact the owner of the external website with any questions you have about the use of this website.