Security is the basis for trust in banks
Please read the following sections carefully and protect yourself against attacks from the Internet. For this purpose, we not only carry out comprehensive measures to protect your data against unauthorised access by third parties, but also guarantee the protection of your funds through statutory deposit insurance up to € 100,000 per investor and the modern mTAN procedure.
On this page we want to give you the opportunity to find out about secure and protected online banking. The focus here is on your safety, attention and caution. Please read the following sections carefully and protect yourself against attacks from the Internet
Our security topics
Folgende Punkte möchten wir dir gerne näherbringen. Bitte mach dich mit dieser Seite vertraut und vermeide Übergriffe auf deinen privaten Kontobereich.
Notification of 04 June 2019
We have a warning about a possible wave of phishing emails for you. In this e-mail, customers are encouraged to "update their data". This e-mail does not originate from Fidor Bank, which can be recognised on the one hand by the non-personalised greeting and grammatical errors in the text. Our request to you: don't react to this e-mail at all! We assume that this is a fraudulent attempt to access your data. Of course, we are already investigating this circumstance
Notification of 28 May 2019
The consumer advice centre warns against sending out masses of false broadcasting fees. These letters contain the logos of ARD, ZDF and Deutschlandradio and at first glance give the impression of authenticity. These letters request a transfer of an amount to an account of Fidor Bank AG. The counterfeits can be recognised by a non-personalised address, as well as the request for payment of the broadcast amount for one month (not one quarter)! We ask you to be extremely attentive when receiving such a message and not to transfer the requested amount under any circumstances!
Important announcement of the Federal Financial Supervisory Authority (BaFin)
According to BaFin, several cases have come to light, in which consumers have been persuaded to divulge personal data and participate in a video ID process under one pretext. Since your security and the security of your data are extremely important to us, we would like to draw your attention to this statement of the BaFin. Read this statement carefully and protect yourself from third party attacks!
Wichtige Mitteilung der Bundesanstalt für
Laut BaFin sind mehrere Fälle bekannt geworden, in denen Verbraucher unter einem Vorwand dazu gebracht wurden, persönliche Daten preiszugeben und an einem Video-Ident-Verfahren teilzunehmen. Da uns deine Sicherheit und die Sicherheit deiner Daten enorm wichtig ist, möchten wir dich auf diese Stellungnahme der BaFin aufmerksam machen. Lies dir diese Stellungnahme bitte sorgfältig durch und schütze dich vor Übergriffen Dritter!
Internet criminals have found a way to also tap into the mobile TAN procedure. With attentive customers, however, these fraudsters have no chance: We'll show you how to protect yourself! Please remember that we will neverask you in the Internet to enter personal information such as PINs or TANs, or to update your phone with software. Do not download updates on your mobile phone which you have received via SMS or MMS!
WHAT YOU HAVE TO WATCH OUT FOR DURING ONLINE BANKING!
Nowadays it is not only the physical loss of your credit card that leads to fraudulent incidents. Unfortunately, account attacks by so-called Trojans, phishing attacks or mTAN fraudsters occur again and again. Protect yourself from unauthorised access by third parties and increase your security awareness. Be vigilant throughout and question any incident that seems strange to you. The following points show different types of attacks on your personal banking area. With this measure we want to help you to recognise attacks, so that you can protect yourself against them - preventively!
Therefore, make sure that you always use a network that is as secure as possible and not publicly accessible. The aim of such a phishing attack is to plunder accounts and other protected areas on the Internet. Within such an attack, users are asked to follow a link that redirects you to a website that looks confusingly similar to the original page. So be careful which website you visit in your browser and pay attention to small typos within the domain.
Fidor Bank will never send you an email asking
you to enter your personal information such as PIN or FIN.
Please make sure that you are extremely careful when you receive such an email and never click on any link sent with it. If you don't feel safe, contact our customer service immediately
If your data is intercepted, third parties may log into your account and cause significant damage. Therefore, make sure that you always use a network that is as secure as possible and not publicly accessible. Please inform us of any suspicion of a phishing attack on your account. Only in this way can we help you as quickly as possible and ensure that this incident can be communicated to other customers. In addition, we can only prevent the attack and ensure that the phishing page sent is deleted through your active feedback.
We recommend that you always check for the latest version of your browser, firewall and virus scanner. The goal is the same, because like phishing, your personal data will be intercepted and used. The difference, however, lies in the way the scammers want to get to your data.
In pharming, so-called malware is sent. These are programs designed to harm you. These programs include viruses and Trojans, for example. These programs nest in your system and can now redirect your supposedly secure and correct address entry to a phishing site. If the Trojan is well done, an https connection is still displayed in the address bar.
We recommend that you always check for the latest version of your browser, firewall and virus scanner. Do not compromise and "update" regularly said programs. Therefore also perform regular virus scans. Also, never store your passwords (or any private access keys) on your computer, and change them from time to time.
To spoof someone - to manipulate, deceive, or disguise someone. Spoofing is another method of data theft in which cybercriminals disguise themselves as trusted sources, or devices to mislead users into doing certain things. These actions are designed to steal information and can cause you and your data significant harm. Spoofing can be roughly divided into 2 approaches. The first method is the so-called mail spoofing, which is one of the most widespread attacks. The process is as follows: The e-mails that end up in your mailbox seem to come from a source that is completely trustworthy, such as a friend or colleague. However, these emails come from criminals trying to fetch your data and harm you. The sender is, so to speak, veiled and replaced by a normal sender. You will thus, for example, get a payment request from your bank, which you must settle immediately. Spoof emails can also include attachments with malware that will automatically install on your computer as soon as you click on it. The second method is IP spoofing. Here the data theft does not aim at individual users, but at networks. By sending messages from a spoofed or "spoofed" IP address, it allows unauthorized access to a particular system.
Of course, we want to explain to you how you can actively protect yourself against spoofing. Sensitization to the method, along with understanding what spoofing is, gives you the most effective protection against data theft. Pay attention to every detail when e-mailing or visiting a website. If you have even the slightest doubt, then assure yourself to the supposed sender, whether he really has written and sent this e-mail. Any suspicion should alert you and cause you to either delete the said e-mail or to leave the website. Even common security software offers you reliable protection against the robbery of your data.
All our websites are encrypted with https in order to protect your data optimally and not to give third parties the possibility of fraud.
Basically, the so-called "Hyper Text Transfer Protocol (http)" is used to load a certain website, which is located on a server, into your browser. The "Hypertext Transfer Protocol Secure" (https) has basically the same task, but it does it encrypted! This ensures a tap-proof connection between the website operator and your browser. You can recognise this https website by two simple but clear features: on the one hand by the aforementioned lettering in the address bar of your browser, and on the other hand by the "padlock" that is visible in front of the address.
Be particularly careful here and rather look a second time! All our websites are encrypted with https in order to protect your data optimally and not to give third parties the possibility of fraud.
Banking Trojans are becoming ever more sophisticated and often cannot be discovered because of ingenious techniques. The ultimate goal of a Banking Trojan is to remain undetected. In secret, the malware is waiting for you to check your account balance or make transfers. If you have placed an order, Trojans, for example, change the transfer data in your memory. In this way, the amount released by you is transferred unnoticed to another account
Special care should be taken with, among other things:
unnatural subject lines with an unusually high number of capital letters or similar features
alleged reminders with a ZIP file attached (do not open this file!)
Mails with a debt collection company as sender
Messages in your account or app that have never existed before
The Trojan can also manipulate your browser's display to force you to enter a PIN or mTAN. These will be tapped and used for withdrawals from your account. Basically, Trojans try to record keystrokes, stored data, and information inside your browser, and they steal anything that can help them plunder your bank account. Among all malware, banking Trojans pose the greatest threat to your money. Therefore, we advise you to always use up-to-date and tested antivirus programs to ensure the best possible protection of your data.
It is pretty clear that smartphones have made online banking more convenient and independent. No matter where you are, you can access and manage your account. But this is exactly where great dangers are concealed. There are already a high number of viruses and malware for smartphones, so it's high time to adequately protect your phone from attacks.
Trojan dangers on your smartphone
Smartphones are often the victims of Trojans that only become active when you open your banking app. Now a fake window is displayed which looks deceptively similar to the banking app and asks for your login data. As soon as you enter your data, third parties can access your account.
A well-known representative is the Android Trojan Android.Smsspy.88.origin, which is also able to intercept your SMS. This now allows the scammers to plunder your account undetected and without suspicion.
Now you're probably wondering how to protect yourself from these attacks?
- Always be suspicious! Remember every step of our banking app, down to the smallest detail. If in doubt, take screenshots and note down the individual steps of the banking process. Internalise our process and thereby be able to recognise fake queries.
- Also protect your smartphone with an antivirus app and keep it up to date.
- We also recommend that you always protect your phone with a screen lock (fingerprint & PIN). If your smartphone is unexpectedly stolen without a screen lock, thieves will have an easy time. If your phone gets stolen or lost, don't hesitate to lock it immediately!
- Even if the big advantage of mobile banking is its local independence, we recommend that you always use a secure network and only in exceptional cases a mobile data network (4G, LTE).
Please read the following sections carefully and protect yourself against attacks from the Internet For this purpose, we not only carry out comprehensive measures to protect your data against unauthorised access by third parties, but also guarantee the protection of your funds through statutory deposit insurance up to € 100,000 per investor and the modern mTAN procedure. For the mTAN procedure we need your mobile phone number: Whenever you place an online order with us, you will receive an mTAN via SMS on your mobile phone. The mTAN must be entered to confirm the order. In addition, you can subscribe to various alerts (SMS/email) for your Fidor Mastercard® in order to always be well informed about card sales.
To set alerts, first log into your current account. Then call up the "Alerts" menu item. Here you can set the desired notification options. You can choose between email and SMS alerts. Set your checkmark at the desired place and click on save – done!
Always make sure you're on a real Fidor Bank site. Check this in the first step by comparing the Internet address in your browser. In addition to the mTAN procedure, Fidor Bank uses the SSL (Secure Socket Layer) encryption procedure to encrypt the online pages. You can tell by the "s" in the URL when you are logged in. It stands for an SSL connection, which ensures that the transmission between your computer and the bank computer is encrypted and thus secure for the duration of your online session. Your data is thus protected from unauthorised access by third parties. As long as this 128-bit encryption is active, the data cannot be read or used by third parties.
Mozilla Firefox:you can find the lock in the status bar. This appears during a secure connection. If you click on the lock in the status bar, a dialogue box with the security information opens. Click on the "More information" button to get more information, including Display information about the validity of the certificate and see who the certificate is issued to (issued to fidor.banking.de). To view the information, please click on the button "Show certificate" and then on "General".
Google Chrome: you can find the lock in the top left of the entry bar for Internet URLs. A double-click on the symbol opens a dialogue box with the properties and contents of the certificate.
The free mobile TAN is one of the most secure procedures in online banking. In addition, phishing attacks on TANs in the mTAN process are also made more difficult. You will receive these via SMS on your mobile phone. If you enter the mTAN incorrectly three times in a row, your transaction will be aborted and you will receive a new mTAN. For security reasons, your mTAN is only valid for a certain period of time.
An mTAN is a mobile TAN or smsTAN and is transmitted via SMS to electronic banking users. As an online banking customer, you will receive a TAN on your mobile phone from Fidor Bank via SMS, which can only be used for this transaction, after the completed transfer has been sent via the Internet. The order must then be confirmed with this mTAN.
Why is this variant more secure? By limiting the validity period of the mTAN to only the transaction ordered in each case, redirection to another account should be prevented. In addition, phishing attacks on TANs in the mTAN process are also made more difficult.
Even if you lose your mobile phone, you don't have to worry because the validity of the mTAN is limited. SMS may also tell you about unauthorised transfer attempts, so you can immediately block your account. The use of mTANs at Fidor Bank is free of charge.
Important: We need your mobile phone number for this procedure.
To participate in the Fidor Bank Community we only need the e-mail address and the first and last name of the user. Registrations are possible from the age of majority and with permanent residence in the Federal Republic of Germany.
The password you provided for the Fidor Bank Community is valid to use a Fidor Smart current account. We also need your mobile phone number for the mTAN procedure, as well as a verification of your data via VideoIdent. Registrations are possible from the age of majority and with permanent residence in the Federal Republic of Germany.
Only fully authenticated Fidor Bank customers may use the Fidor Smart checking account to its full extent, conclude high-yield savings products, transfer money to any account, trade in foreign currencies and much more. - without limit restriction. The VideoIdent procedure is available to those who wish to authenticate themselves.
A Fidor Smart current account may only be used by the registered user in their own name and on their own behalf.
Closing an existing account is not possible if debts with other users are open (for example, because you have been loaned money).
You've made a good move in choosing Fidor Bank!
Our innovative business model has successfully been able to establish itself in a demanding market environment since it was founded in 2009. Community banking and the Fidor Smart current account concept have convinced not only 80,000 customers, but also institutional and especially internet-savvy companies, to follow a joint path to success with Fidor Bank.
It is part of our strategy to communicate all of the Bank's activities transparently and to conduct a proactive dialogue with customers and community members about the Bank's business conduct.
Only together can we achieve more. Problems and questions can be discussed and discussed together. Together we can solve problems more easily. This system of values is the basis of both our products and our service. Only in this way can we achieve our goal: promoting mutual commitment.
The following numbers are available for you around the clock. Report the loss immediately!
Within Germany: Telephone: 116 116; outside Germany: telephone: +49 116 116 or
+49 30 40 50 40 50
The 116 116 blocking emergency call can be called free of charge in Germany.
The amount of the fees from abroad depends on the prices of the respective foreign provider.