money security online phishing protection guide
Phishing

How to Protect Your Money From Phishing

January 6, 2024 - Raphael Knecht

Scammers use fraudulent messages to try to get to your money. Find out how to protect yourself from phishing attacks in this guide.

The Internet might make life easier for you, but it also makes things easier for the fraudsters who want your money. These scammers now have the ability to contact you and millions of other people simultaneously to try and con you out of login, bank account, or credit card information.

From Please update your information to Your parcel is on its way or You won! The fraudulent messages used in a practice known as phishing generally find their way into our mailboxes. Phishing is one of several common forms of online fraud. In this article moneyland.ch explains how to recognize and protect yourself from phishing attempts.

1. How to recognize phishing attempts

  • The email addresses and links used in phishing messages closely resemble a real company’s genuine contact information – but if you take a closer look, you will notice irregularities. For example, the email may be from “credisuisse.ch” “[email protected]” or “swisscom.org.”
  • Links in messages are designed to make you believe that they lead to genuine, secure websites. For example, the linked text may be the name of a legitimate, trusted website (post.ch, for example), but it links to a different URL. When you click on it, you go to a different website. If a message pertaining to be from a company has a link which does not lead to the company’s official site, you should be suspicious of that message.
  • An abnormal abundance of typos or poor grammar can indicate that a message is fraudulent. However, that does not mean that linguistically perfect messages are always genuine. Likewise, genuine communications sometimes contain typos.
  • The message is in English rather than the language you would expect it to be in (a local language, for example). Phishing mails are often written in English in order to reach the biggest possible target audience. Be wary if you receive a message claiming to be from a company or person, but in a language other than the one you normally use to communicate with that entity. The same applies to communications which claim to be from Swiss companies but use foreign characters (such as the German ß).
  • The sender does not know your name or customer number. If you receive an unexpected message which is not personally addressed to you, it may be a mass mailing sent to thousands of people simultaneously. This is especially true for messages related to parcel deliveries, as phishing emails often cite tracking numbers which are simply made up.
  • A company which you never did business with contacts you. If, for example, you never ordered anything which would be delivered with a given delivery service, suddenly receiving a message from that service provider would be very odd. That is particularly true if the message mentions orders or packages which you know nothing about. Merchants usually state which delivery services they use when you place your order.
  • You receive an offer that is too good to be true. Scammers often try to enthrall you with unbelievable offers. Unexpected lottery or raffle wins and free iPhones are typical examples of lures used to bait victims.
  • Messages use deadlines to put you under pressure. For example, a phishing message appearing to be from your bank may state that your account will be closed soon, or that you must respond to the message that same day. By putting you under pressure, scammers hope to push you into making hasty decisions.

2. How to protect yourself online

  • Do not reply to suspicious emails. These messages are often sent out to huge number of email addresses. By replying to an email, you signal to scammers that your email address is active. For the same reason, you should not simply call back whenever you get an unexpected phone call from an unknown number.
  • Do not click on links in messages from unknow senders. These may take you to fake websites on which scammers will try to obtain your login or credit card information. For maximum security, avoid clicking on links in emails, SMSs, and other messages.
  • If you need to click on links, make a habit of checking the URL behind each link before you click on it. In most computer web browsers, you can simply mouse over a link without clicking on it. The link’s URL will appear on the window’s bottom left corner. On smartphones and other touch-based devices, you can view the URL by holding your finger over the link for a longer period of time. Once you are able to view the URL, check whether it is part of the official, legitimate website, or whether it looks suspicious. In many cases, a phishing URL will closely resemble that of the authentic website, and you may only notice the small differences by studying it more closely.
  • If you receive an unsolicited message with an attachment (a picture or PDF, for example), do not download the file or open it, as it may be malware. Using a solid anti-virus program can help you identify harmful files. Real-time virus protection can also be beneficial for mobile devices, especially if you are not experienced in recognizing problematic websites and files. If you are unsure about whether an attachment is really from the person it says it’s from, consider asking them over the telephone.
  • If you are not sure whether or not a message is a phishing attempt – because the message seems to be from a trusted company, for example – consider contacting the company directly and asking them about it. Use the contact information on the company website and not the contact information in the questionable message. In the case of banks or credit cards, use the customer support line which appears on your card itself.
  • Check whether a phishing gang is doing its rounds. The online platform cybercrimepolice.ch collects information about current cyber-attacks and posts warnings. If a message you have received resembles one of those in a warning, you can be pretty sure that it is a phishing attempt.
  • Use a password manager which generates a unique, complex password for each login. Doing this leaves you less exposed to phishing and help protect you against brute force attacks without your having to remember a lot of different, complicated passwords. Make sure the password manager itself is protected by a secure password and multi-factor authentication. Never use the same password for many different online portals and service providers. This also applies to credit card PINs.
  • Check your monthly bank account and credit card statements carefully as soon as they become available. Some credit card issuers and neobanks give you the option of receiving alerts by app or SMS every time a transaction occurs. By keeping tight control over your transactions, you empower yourself to quickly recognize and respond to fraudulent transactions.
  • If possible, use credit or debit cards which have the option of freezing your account whenever you are not using your card. When your card is frozen, third parties cannot use it to make fraudulent transactions.
  • Adjust your credit card’s spending limit. Ideally, it should only be high enough to cover your normal card-based spending. If you use a prepaid card, only load as much money on the card as you will actually need. By taking these steps, you minimize the possible losses which you can incur if a scammer gains access to your card.

3. Steps to take if you believe you have been targeted for a phishing attack

  • Change your login information across all portals and services which scammers may have gained access to. If you use the same password for more than one login, replace it in all locations, and use different passwords for each login. If you are not sure which login data the fraudsters may have obtained, change your passwords and PINs for all important accounts and cards.
  • Freeze the credit cards which may have been exposed to phishing as soon as possible. If fraudulent transactions have already been made, inform your bank or card issuer and request reimbursement or chargebacks. Swiss banks will normally reimburse fraudulent transactions which you dispute as soon as you receive your statement.
  • Contact the providers of services which scammers may have gained access to. This can help them better prevent fraudulent log in attempts. In every case, you should also change your login information.
  • Report the phishing attempt. If you want to press charges, you can file a police report. Otherwise, you can report the attack to cybercrimepolice.ch in order to help identify broader attacks and warn the general population. The platform is operated by the Zurich cantonal police, but is not limited to the Canton of Zurich. Anybody and everybody can report incidents. If your employer's data is affected, you must also inform them immediately about the incident. The IT security department may be able to help you with the next steps.

More on this topic:
How to protect yourself from common online scams
Tips for avoiding credit card fraud
How to protect yourself from card skimming
Protecting yourself from fraudulent loans on social media
Online Banking Fraud: Can I Get My Money Back?

Request now for free

Leading credit cards

Free credit card

Swisscard Cashback Cards Amex

  • No annual fees

  • Two cards Amex & Visa/Mastercard

  • With cash back

Free credit card

Migros Cumulus Visa

  • No annual fees

  • With Cumulus points

  • Without foreign currency fees

Deal of the Day
×
Free credit card

Swisscard Cashback Cards Amex

No annual fees

Trading platforms

Brokers with low fees

Swiss Trading Platform

Cornèrtrader Special Offer

  • Special offer: particularly favorable conditions for Moneyland users

  • No custody account fees for shares

  • Swiss online bank with FINMA license

Swiss Broker

Saxo Bank Special Offer

  • Special offer: Reimbursement of brokerage fees up to CHF 200 for 90 days

  • Licensed Swiss bank (FINMA)

  • Free expert research and trading signals

Request now for free

Cheap bank accounts with card

Online private account

UBS key4

  • 50 KeyClub points as a welcome gift

  • Online private account with debit card

Swiss digital bank

Radicant

  • High interest on your everyday account

  • Best exchange rates

  • Up to 1% of card spending as saveback in the investment portfolio

Swiss Bank

Bank WIR Bankpaket Top

  • Free account & card

  • No exchange fees for foreign payments (interbank exchange rates)

  • 24 ATM withdrawals worldwide per year free of charge

Swiss digital bank

Alpian

  • CHF 100 welcome bonus

  • Favorable foreign exchange rates

  • Multi-currency account with Visa card (CHF, EUR, USD, GBP) 

Free bank account

Yuh

  • No account fees

  • Banking partner: Swissquote & Postfinance

  • CHF 20 trading credit with code «YUHMONEYLAND»

Request now for free

Cheap bank accounts with card

Online private account

UBS key4

  • 50 KeyClub points as a welcome gift

  • Online private account with debit card

Swiss digital bank

Radicant

  • High interest on your everyday account

  • Best exchange rates

  • Up to 1% of card spending as saveback in the investment portfolio

Swiss Bank

Bank WIR Bankpaket Top

  • Free account & card

  • No exchange fees for foreign payments (interbank exchange rates)

  • 24 ATM withdrawals worldwide per year free of charge

Swiss digital bank

Alpian

  • CHF 100 welcome bonus

  • Favorable foreign exchange rates

  • Multi-currency account with Visa card (CHF, EUR, USD, GBP) 

Free bank account

Yuh

  • No account fees

  • Banking partner: Swissquote & Postfinance

  • CHF 20 trading credit with code «YUHMONEYLAND»

Editor Raphael Knecht
Raphael Knecht was an analyst and a specialized editor at moneyland.ch until the end of February 2023. Since then, he is supporting the editorial team as a freelancer.
Free subscription

Sign up for the free newsletter

Subscribe now
more than 3 million pieces of data

Find all comparisons here

Go to comparisons