Phishing by e-mail

Phishing by e-mail

Fraudsters don't usually call to try and steal your codes nowadays. They'll more likely e-mail or text you with a link to a fake website. They often try to frighten and urge you into doing something, such as entering your personal and bank details and even security credentials (like card reader response codes for online banking) on their scam website. The unseen fraudsters will then log into the genuine KBC website to make payments or change your client details.

How do these criminals operate?


The e-mail contains a link that tricks you into going to a fake website, telling you to:  

  • Enter your personal details and card number
  • Provide your response codes

Once they have their hands on your card number and response code, they can log in to bank online in your name and steal from you by fraudulently transferring money from your account.

How can I protect myself against dynamic phishing?

  • For one, you should never respond to requests for payment from unknown parties.
    If you need to make a bank transfer, simply log in to the KBC-website (www.kbc.be) or use KBC Mobile.
        -    If you’re buying something online, you only need the seller’s account number (IBAN) to transfer a payment.
        -    If you’re selling something online, it’s sufficient to give the buyer your bank account number (IBAN).
    If they ask for any other details, it’s very likely you’re dealing with a criminal.
  • Keep the codes you generate with your card reader secret, just like your PIN. They are the key that unlocks your money and they're personal to you. We will never ask you for them, whether by e-mail or text message or over the phone.
  • Verify the messages and instructions on your card reader.
  • Always keep your PIN and the codes generated by your card reader a secret – they are the key that unlocks your money and they are strictly personal.
  • Please note: Scammers are increasingly using bogus websites with URLs starting with https://. The ‘s’ in https stands for ‘secure’ and tells you you’re using a secure connection. However, this provides no guarantee that the party you’re dealing with is trustworthy.
    To find out if the KBC website or KBC Touch you’re using is legitimate, check the URL in your browser address bar: 
        -    The URL of the KBC-website starts with www.kbc.be.
        -    The URL for KBC-Touch starts with 'https://KBCtouch.KBC.be'.
  • Keep the codes you generate with your card reader secret, just like your PIN. They are the key that unlocks your money and they're personal to you. We will never ask you for them, whether by e-mail or text message or over the phone.

Our Cybersecurity Service includes virus and phishing protection software that protects your devices and your online activities from attack by cybercriminals.
Learn more.

How do I know it’s a real KBC e-mail?

1. Check the sender’s domain name

This is what you see after the @ in an e-mail address like the highlighted section shown below.

We virtually always use these domains:
@kbcmail.be
@kbc.be
@mail-kbc.be
@mm.kbcam.be
@mm.kbc.be  

If you receive an e-mail with a different domain name purporting to be from us, it may be a phishing scam. Send it right away to secure4u@kbc.be to have it checked by our specialists.

2. Verify links in e-mails

Treat e-mails asking you to open links with suspicion. Never open links without checking them first.

Hover over the link without clicking to see at the bottom left where the link would take you if you opened it.
Links are secure if the two last parts of the section between the forward slashes are one of our official domain names like kbc.be, kbcmail.be and mail-kbc.be

https://www.kbc.be/homeplans
http://content.kbcmail.be/

4. Beware of supposed KBC e-mails requiring you to buy something or update your banking details (we’ll never do this)

We’ll never ask you for the codes you generate with your card reader.

If you get an e-mail asking you to do this, it’s definitely a phishing scam. It will often be under the pretence that your debit card is about to expire and you need to renew it.

Phishing anno 2018 

Done everything above but still not sure whether an e-mail is authentic? Send the suspect e-mail to secure4u@kbc.be
and our security experts will check it for you.

Report internet fraud

Report internet fraud

Phishing

Phishing

KBC Cybersecurity Service

Protect your computers, tablets and smartphones against viruses and unsafe websites and protect yourself against phishing
KBC Cybersecurity Service

What do we do at KBC to secure online banking?

What do we do at KBC to secure online banking?