• Phishing can be defined as the attempt of fraudsters trying to obtain to your personal information (such as usernames, passwords and credit card details) in order to gain access to your money.
   
• Phishing occurs when fraudsters send users seemingly genuine communications via digital channels, such as instant messages or emails asking them to click on a link provided, either to obtain their data or to infect the user’s device with malware, which is a software specifically developed to grant unauthorized access or jeopardize the target’s operating system.
   
• These fraudsters often falsify their sender details, posing for example, as Fidor Bank, and asking you to enter your PIN, FIN or other sensitive information.
   

Fidor Bank will never send you an email asking
you to enter your personal information such as a PIN or FIN.

Fidor Bank will never send you an email asking you to enter
your personal information such as a PIN or FIN.

• Don’t give away sensitive information online, unless you are very sure that the website or message recipient is the right one.
   
• Don’t click on any links from unknown or suspicious senders
   
• Users can be asked to click on a link that redirects you to a website which looks confusingly similar to the original page. Therefore, be careful which website you visit in your browser and pay attention to any small typos, alterations or irregularities within the domain
  (e.g. fiidor.com, flidor.com, fi.dor.com, etc.).

Make sure that you always use a network that is as secure as possible and not publicly accessible when you exchange private or sensitive information over the Internet.

• If you believe your security has been jeopardized, please call the numbers
  below or contact our customer service immediately. Alternatively,
  please visit Contact & Help for more details.

Emergency Card Blocking Hotline:
Within Germany*: 116 116
Outside Germany**: 0049 116 116 OR 0049 30 40 50 40 50

*Calls from within Germany are free of charge
**Calls from abroad are subjected to prices from foreign providers
 

Emergency Account Blocking Hotline:
0049 89 189 085 454 (Monday to Friday - 08:00 am to 06:00 pm)

• Pharming is derived from combining the two terms “phishing” and “farming” and is a form of cybercrime or online fraud involving malicious code (e.g. malware such as viruses or Trojans) and fraudulent websites.
   
• Pharming is a two-step process. First, cybercriminals install malicious code onto your computer or server. Second, the code sends/directs you to a phony website where users will be tricked into providing their personal information.
   
• Unlike phishing, pharming doesn’t require the initial click of a link to redirect you to a fraudulent website. Instead, users that are infected with malware are redirected to a phishing site automatically, despite their seemingly secure and correct address entry.
   

• We recommend that you always check for the latest versions of your browser,
  firewall and virus scanner. Make sure to regularly "update" these programs
  and to perform regular scans for viruses.
   
• Never store your passwords (or any private access keys) unsecured on your computer
  and make sure to change your passwords regularly.
   

• If you believe your security has been jeopardized, please call the numbers
  below or contact our customer service immediately. Alternatively,
  please visit Contact & Help for more details.
   
• Emergency Card Blocking Hotline:
  Within Germany*: 116 116
  Outside Germany**: 0049 116 116 OR 0049 30 40 50 40 50
  
  *Calls from within Germany are free of charge
  **Calls from abroad are subjected to prices from foreign providers
   
• Emergency Account Blocking Hotline:
  0049 89 189 085 454 (Monday to Friday - 08:00 am to 06:00 pm)

• Spoofing is the act of disguising a communication from an unknown source as one
  from a known and trusted source. It is another method of data theft,
  where cybercriminals disguise themselves as trusted sources (or devices) to mislead
  users into completing certain actions. These actions are designed to steal information
  and can cause you and your data significant harm.
   
• Spoofing can roughly be divided into two different categories:
  i) Email Spoofing and ii) IP Spoofing.

i.     Email Spoofing occurs when an attacker uses an email to trick a recipient into thinking it came from a known or trusted source. It is one of the most widespread attacks since victims believe they are being contacted by someone they know (e.g. customers, coworkers or managers) who is urging them to react. These emails may include links to malicious websites or contain attachments that are infected with malware (e.g. viruses or Trojans). Email spoofing may also use social engineering – which is the ability to convince a human user to believe that what they are seeing is legitimate, urging them react and open the attachment, transfer money or further disclose sensitive information.

ii.     IP Spoofing focuses on networks instead of users, leveraging the fact that many IP services authenticate themselves to the external system using the IP address. This attack is based on an IP protocol weakness, namely that the IP packets are not separately authenticated. In this case, the user enters the URL in the browser but does not visit the desired target page, but the attacker's page.

• The best protection against spoofing is awareness. Pay close attention to the smallest details when emailing or visiting websites. Should you have any doubts about the legitimacy of an email, then it is advisable to make a phone call to confirm if the information is accurate and actually came from the sender. When visiting a website, pay close attention to how the website looks and behaves.
  
  If anything seems irregular or suspicious, delete the email or leave the website. It is therefore vital that your systems are regularly updated with robust security software, that is able to protect you from fraudulent websites and can eliminate malware as soon as it attempts to infiltrate your system.
   

• If you believe your security has been jeopardized, please call the numbers
  below or contact our customer service immediately. Alternatively,
  please visit Contact & Help for more details.
   
• Emergency Card Blocking Hotline:
  Within Germany*: 116 116
  Outside Germany**: 0049 116 116 OR 0049 30 40 50 40 50
  
  *Calls from within Germany are free of charge
  **Calls from abroad are subjected to prices from foreign providers
   
• Emergency Account Blocking Hotline:
  0049 89 189 085 454 (Monday to Friday - 08:00 am to 06:00 pm)
   

• HTTP (Hypertext Transfer Protocol) is a protocol used to transfer data in networks. HTTP is a general technical standard that defines how a Web browser communicates with a server so that the data requested by the client can be loaded and displayed.
   
• HTTP focuses on providing the information, but cares less about how that information gets from one place to another safely and unaltered. This means that the data can be intercepted and also changed during communication, making both the information and the receiver (you) vulnerable.
  
   
• HTTPS or “Hyper Text Transfer Protocol Secure” on the other hand, is the more advanced and protected protocol, completing the same task but in an encrypted manner. This ensures a tamper-proof connection between the website operator and your web browser.
  The easiest way to identify if your connection is secure, is i) by looking for the https:// at the start of the website address in your web browser’s address bar, and ii) by the closed padlock symbol located next to the address bar.
   

All of our websites are encrypted with HTTPS – protecting your data from vulnerabilities and potential fraud from third parties.

A Trojan is any kind of malicious software disguised as legitimate. Trojans are often designed to steal sensitive information from users such as login details, account numbers, financial information, credit card information.

• A Banking Trojan is a type of malware that tries to collect the credentials of online banking customers from infected machines and poses a significant risk to banking customers and businesses alike.
   
• Banking Trojans are becoming ever-more sophisticated and often cannot even be identified or detected, disguising itself as a genuine app or software that users download or install. Once installed, it positions itself in a way to access the user’s banking details.
  How it positions itself depends on the individual malware since each one steals
  your data in a slightly different manner.
   

• We recommend that you always check for the latest versions of your browser,
  firewall and virus scanner. Make sure to regularly "update" these programs and
  to perform regular scans for viruses.
   
• Never store your passwords (or any private access keys) unsecured on your computer
  and make sure to change your passwords regularly. Whenever possible, use a different password for each website and service.
   
• Keep your eyes open for suspicious behavior. If something “seems off”,
  make sure to check if you actually are where you think you are
  before entering any details.
   

• An unusual slow computer startup and slow performance when nothing else is running
  on the system could be a sign of a virus or other infection.
   
• Browsers that load Web pages slowly and run Web sites slowly.
   
• Suspicious behavior such as a suddenly slow computer, opening programs or
  closing programs repeatedly might be a sign you are infected.
   
• Failed to log on the first time you try to log on to a system or webpage,
  even though your password was entered correctly.
   
• New or unexpected form elements in bank web pages, such as fields that
  ask for credit card numbers or PINs.
   

• Media reports about so-called fake accounts, i.e. account openings with fraudulent intent,
  have been piling up recently. For us as a bank, it initially appears like a normal account opening, which is carried out by a new customer.
  Each of these account opening processes follow a personal identification via ID card as part of the video identification process.
  A possible fraud can already occur here if perpetrators use fake ID documents for personal identification. Accounts that have already been opened with fraudulent intent are often offered for sale on the Darknet.
   
• Another variant of the fraudulent account opening is unfortunately all too often done by manipulation. A tempting offer (market research survey, job offer, loan) is used to tempt customers to open an account on their own behalf - for example, for salary payments or loan distributions. But instead of paying out an amount as promised, the fraudsters take over the legally created account and misuse it for their purposes.
   
• The accounts opened in this way are mostly used by fraudsters for their criminal business. We would like to emphasize that not only the victims themselves but also the bank are victims of this fraud. This affects not only pure online banks, but banks in general.
   

• We are continuously working to prevent any illegal activity in our online banking.
  Our control and monitoring measures to prevent the opening of fraudulent accounts have been further expanded in recent years, and in many cases, we are able to prevent the planned fraud in advance.
   
• Protect yourself by not disclosing personal data and documents to third parties.
   
• If you are prompted by someone to open a bank account in your name, ignore this instruction and please contact our customer service immediately.
   
• Contact for Private Customers:
  Email: info@fidor.de
  Tel:     0049 89 189 085 233
  Fax:    0049 89 189 085 199
   
• Contact for Business Customers:
  Email: geschaeftskonto@fidor.de
  Tel:     0049 89 189 085 300
  Fax:    0049 89 189 085 399
   
• Opening times:
  Monday to Friday: 08:00 am to 06:00 pm
  Saturday, Sunday & Holidays: 09:00 am to 06:00 pm

Alternatively, please visit Contact & Help for more details.

• If you believe your security has been jeopardized or that you may have been a victim of a fraudulent account opening, please call the numbers below or contact our customer service immediately.
  
  Alternatively, please visit Contact & Help for more details.
   
• Emergency Card Blocking Hotline:
  Within Germany*: 116 116
  Outside Germany**: 0049 116 116 OR 0049 30 40 50 40 50
  
  *Calls from within Germany are free of charge
  **Calls from abroad are subjected to prices from foreign providers
   
• Emergency Account Blocking Hotline:
  0049 89 189 085 454
   
• Contact for Private Customers:
  Email: info@fidor.de
  Tel:     0049 89 189 085 233
  Fax:    0049 89 189 085 199
   
• Contact for Business Customers:
  Email: geschaeftskonto@fidor.de
  Tel:     0049 89 189 085 300
  Fax:    0049 89 189 085 399
   
• Opening times:
  Monday to Friday: 08:00 am to 06:00 pm
  Saturday, Sunday & Holidays: 09:00 am to 06:00 pm
   

Geoblocking is a security measure that we provide with our Fidor cards. The geoblocking function restricts the use of your Mastercard^® in some countries. This prevents your card details from being misused in countries that are rated as particularly risky and insecure, either by theft or by preventing third parties from obtaining your card details.

More and more banks are offering geoblocking. So, what’s special about Fidor? We empower you to decide for yourself in which countries you wish your card to be valid in. Additionally, you can also set your personal limit and thus, ensure even more security.

You can use your Fidor cards anywhere in the EU and UK. All countries outside of the EU and UK are automatically blocked. If you want to unblock your card for individual countries, you can adjust the settings in the card management function of your desktop banking or in the Fidor app. While you can block or unblock individual countries in the app, you can also use the desktop banking to activate or deactivate specific regions.
 

Always make sure you're on the real Fidor Bank site. Check this in the first step by comparing the internet address in your browser. In addition to the mTAN procedure, Fidor Bank uses the SSL (Secure Socket Layer) encryption procedure to encrypt the online pages. You can tell by the "s" in the URL when you are logged in. 

It stands for an SSL connection, which ensures that the transmission between your computer and the bank computer is encrypted and thus secure for the duration of your online session. Your data is thus protected from unauthorised access by third parties. As long as this 128-bit encryption is active, the data cannot be read or used by third parties.

Mozilla Firefox: you can find the lock symbol in the status bar. This appears during a secure connection. If you click on the lock symbol in the status bar, a dialogue box with the security information opens. Click on the "More information" button to see information about the validity of the certificate and to see who the certificate is issued to (issued to fidor.banking.de). To view the information, please click on the button "Show certificate" and then on "General".

Google Chrome: you can find the lock symbol in the top left of the entry bar for Internet URLs. A double-click on the symbol opens a dialogue box with the properties and contents of the certificate.

The free mobile TAN is one of the most secure procedures in online banking. In addition, phishing attacks on TANs in the mTAN process are also made more difficult. You will receive these via SMS on your mobile phone. If you enter the mTAN incorrectly three times in a row, your transaction will be aborted and you will receive a new mTAN. For security reasons, your mTAN is only valid for a certain period of time.

An mTAN is a mobile TAN or smsTAN and is transmitted via SMS to electronic banking users. As an online banking customer, you will receive a TAN on your mobile phone from Fidor Bank via SMS, which can only be used for this transaction, after the completed transfer has been sent via the Internet. The order must then be confirmed with this mTAN.

Why is this variant more secure? By limiting the validity period of the mTAN to only the transaction ordered in each case, redirection to another account should be prevented. In addition, phishing attacks on TANs in the mTAN process are also made more difficult.

Even if you lose your mobile phone, you don't have to worry because the validity of the mTAN is limited. SMS may also tell you about unauthorised transfer attempts, so you can immediately block your account. The use of mTANs at Fidor Bank is free of charge.

We require your mobile phone number for the mTAN procedure: Whenever you place an online order with us, you will receive an mTAN by SMS on your mobile phone. It is necessary to enter the mTAN to confirm the order. In addition, you can subscribe to various alerts (SMS / e-mail) for your Fidor Mastercard^® in order to always be well informed about your card-transactions.

Please remember that we will never ask you online enter personal data such as PINs or TANs or to update your mobile phone with software. Do not upload any updates to your mobile phone that you have received via SMS or MMS.