14 July 2015

Protect your personal data – email phishing

Phishing emails attempt to acquire sensitive information such as usernames and passwords often for malicious reasons, by masquerading as a trustworthy entity (such as SWIFT or your personal bank) in an electronic communication. We strongly recommend you to be vigilant about this fraudulent practise.

Please note that SWIFT will never ask you to reply to an email with any personal information or data.

When you need to communicate personal information to SWIFT, please use a secure access to one of the applications on swift.com. To be sure you are using the secure SWIFT access mode, please verify that the URL in your browser starts with https://www2.swift.com/ or https://login.swift.com/.

For more information please see our security guidelines on swift.com.

Here are some tips to help identify if a message you receive is fraudulent:

  • Unofficial "From" address- It is common for cybercriminals to use web addresses that look similar to known entities - but are slightly altered.
  • Insisting on a "call to action"- Messages that require urgent action can often be fraudulent. This technique is used to take advantage of your concern and trick you into providing confidential information.
  • Links to fake websites- A link to a fake web site that looks similar to the sign-in page of a legitimate web site is another method often used in these type of mails.
  • Generic greetings- Cybercriminals may obtain email addresses, but it is often more difficult for them to identify real names. Therefore, in fraudulent e-mails, it is common to see generic greetings such as "Dear Customer," or "Dear Member."