More and more scammers are sending links that lead to fake bank websites.

“I clicked on a strange link…”
No good story begins like this.
More and more scammers are sending links that lead to fake bank websites. 
Learn more now and prevent fraud.

Protect yourself from phishing by following the advice below:

  • Never use links or scan QR codes received via email, SMS, letters, or marketplaces to log in to financial institutions.
  • Always type your financial institution’s or online service provider’s website address manually into your browser’s address bar (e.g., ubs.com).
  • Never enter login details, PINs, or one-time codes into forms sent by email or text message.
  • Be cautious with attachments in emails and text messages and make sure to treat them with great care.
  • Never share confidential information, such as passwords, or grant remote access to third parties. UBS will never ask you to download software or apps, for example, to unlock or authorize your device.
  • Carefully review notifications, such as payment confirmations or changes to account settings.
  • If something feels unusual, urgent, or involves pressure or unexpected requests, stop immediately and contact your financial institution via official channels.
  • Be alert to voice phishing: scammers may call while impersonating trusted institutions such as banks, IT support, marketplace providers, or authorities and may request credentials, codes, software downloads, or other actions by phone. Caller IDs and phone numbers can be faked, and calls may be combined with email, SMS, or other text messages.

This is typically how a phishing attack occurs:

1. Contact

Criminals send out fake emails or text messages (e.g., SMS) pretending to be employees of online service providers or financial institutions. For example, the email recipients are informed that their account details or access data (e.g., username, password) are no longer safe or up to date and that they should be updated using the link in the email.

2. Intercepting personal data

However, the link does not lead to the original page of the service provider in question but to a fake website, albeit a very authentic looking one. Personal information entered there, such as passwords, directly end up in the hands of the perpetrators.

3. Financial gain

Using the stolen information, the perpetrators then, for instance, carry out transfers from their victim’s bank account, buy online at their expense, or place fake offers with online auction houses.

To be able to send you phishing emails, fraudsters need to know your email address. To reduce this risk and generally reduce spam in your inbox, following some simple rules will help: see our article on spam here.