The Bank of Portugal (BdP) has launched a new alert for consumers: fraud attempts are increasing through messages and calls pretending to be from banks.
According to , the banking regulator has received multiple reports of phishing schemes, a type of attack in which criminals pretend to be official entities, such as banks, insurance companies or public bodies to steal sensitive information. The technique is increasingly sophisticated and has been deceiving a growing number of consumers in Portugal.
Stay alert
The BdP explains that victims often receive messages, emails or calls warning of an alleged account blocking, asking them to share access data or security codes sent via SMS. The institution emphasizes that this type of contact never comes from legitimate entities and that customers should act with caution.
“You receive an email, message or phone call supposedly from your bank alerting you to the fact that your account may be compromised or blocked and asking you to log in to regain access or to share a code that is sent by SMS to your cell phone. Stay alert! It is likely that you are facing a common form of phishing, that is, an attack aimed at capturing your personal data”, warns the supervisor of the bank.
How these schemes work
According to the publication, scammers use spoofing, a technique that allows them to copy official telephone numbers and email addresses, making contact more convincing. They create an apparently legitimate scenario to get the user to provide their data, citing reasons such as the need to unlock the account, update information or confirm a refund.
In many cases, the tone of the message is urgent or even intimidating, warning of possible account blocking if the victim does not act immediately. This emotional pressure is precisely what leads many people to act without thinking, and that is what scammers rely on.
The BdP also warns that, to appear credible, criminals may mention personal information they already have, such as name or address, obtained through data leaks or social networks.
How to protect yourself
The BdP recommends carefully evaluating all requests for information, regardless of the channel used. Phishing attempts can occur via email, text (smishing), phone call (vishing) or social media.
The BdP reinforces that you should never provide access credentials, authentication codes or banking details, and that no legitimate financial institution will make this type of request by phone or message.
It is also advisable to manually type the bank’s email address into the browser, instead of clicking on links received by email or SMS, to avoid fake pages that look identical to the original.
If in doubt, do not proceed with payment or share personal information. Contact your bank directly through official channels and report the situation to the PSP, GNR, Judiciary Police or Public Prosecutor’s Office.
According to Banco de Portugal, the main defense against fraud continues to be prudence. “If the request is urgent and seems strange to you, this is a sign that you should stop and confirm first”, reinforces the regulator.
Also read:
