Phishing by e-mail

Phishing by e-mail

Fraudsters don't usually call to try and steal your codes nowadays. They'll more likely e-mail or text you with a link to a fake website. They often try to frighten and urge you into doing something, such as entering your personal and bank details and even security credentials (like card reader response codes for online banking) on their scam website. The unseen fraudsters will then log into the genuine KBC website to make payments or change your client details.

How do these criminals operate?

The e-mail contains a link that tricks you into going to a fake website, telling you to:  

  • Enter your personal details and card number
  • Provide your response codes

Once they have their hands on your card number and response code, they can log in to bank online in your name and steal from you by fraudulently transferring money from your account.

How can I protect myself against dynamic phishing?

  • Keep the codes you generate with your card reader secret, just like your PIN. They are the key that unlocks your money and they're personal to you. We will never ask you for them, whether by e-mail or text message or over the phone.
  • Verify the messages and instructions on your card reader.
  • Check the website address in your browser's address bar to make sure you're on a secure website like ours that starts with https:// (‘s’ stands for ‘secure’) and that all or part of the address bar is coloured green (it'll be this colour if you're using a newer browser). 

Our Cybersecurity Service includes virus and phishing protection software that protects your devices and your online activities from attack by cybercriminals.
Learn more.

How do I know it’s a real KBC e-mail?

1. Check the sender’s domain name

This is what you see after the @ in an e-mail address like the highlighted section shown below.

We virtually always use these domains:  

If you receive an e-mail with a different domain name purporting to be from us, it may be a phishing scam. Send it right away to to have it checked by our specialists.

2. Verify links in e-mails

Treat e-mails asking you to open links with suspicion. Never open links without checking them first.

Hover over the link without clicking to see at the bottom left where the link would take you if you opened it.
Links are secure if the two last parts of the section between the forward slashes are one of our official domain names like, and

4. Beware of supposed KBC e-mails requiring you to buy something or update your banking details (we’ll never do this)

We’ll never ask you for the codes you generate with your card reader.

If you get an e-mail asking you to do this, it’s definitely a phishing scam. It will often be under the pretence that your debit card is about to expire and you need to renew it.

Phishing anno 2018 

Done everything above but still not sure whether an e-mail is authentic? Send the suspect e-mail to
and our security experts will check it for you.

Report internet fraud

Report internet fraud



KBC Cybersecurity Service

KBC Cybersecurity Service

Protect your computers, tablets and smartphones against viruses and unsafe websites and protect yourself against phishing
What do we do at KBC to secure online banking?

What do we do at KBC to secure online banking?