Security

Protect your computer, mobile phone and personal data. For your own and your company's sake.
 woman by computer

At Handelsbanken we are constantly refining and developing our security solutions. We carry out regular tests and updates of our systems and we monitor transactions. If we find something unusual, we will contact you. But there are also things you can do yourself if you are affected, or in order to prevent fraud.

We manage your company's and your personal data in a secure way.

Cookies

CEO fraud

Attempts at fraud aimed at companies have risen sharply. One of the more common types of attempted fraud is what the media have been calling CEO fraud.

How it works
The fraudster poses as the CEO or as one of the other senior company executives. Using a false or hijacked e-mail address, the fraudster sends an e-mail to the accounts department, asking them to make a payment.

There have also been cases where the fraudster has phoned an employee at the company to prepare them for an incoming e-mail, in order to reduce the risk of raising suspicion.


How to avoid becoming a victim

  • Ensure that all information relating to the payment is in order.
  • Do not respond to payment orders that deviate from the norm in some way without first checking that it is correct to proceed with the payment.
  • Pay attention to the type of language used in e-mails you receive.
  • Pay attention to the sender’s address of the e-mails you receive.

If you are affected – contact us immediately

Contact us immediately if your log-on card is lost or stolen, if you lose your mobile phone containing a mobile BankID, if you are the victim of fraud or if you have disclosed sensitive information.

Block your log-on card and BankID

Remember that your BankID is a form of identification, just like your driving licence or passport.

Within Sweden: 020-41 12 12
From outside Sweden: +46 8 41 12 122

ett kvitto

Fraud

Make a police report and contact us.

Personal: 0771-59 60 60
Corporate: 0771-23 40 00

dator med en pil på

Phishing

If you suspect that you have received a false e-mail (phising) that appears to come from Handelsbanken, forward the entire e-mail to: reportphish@handelsbanken.se


Actions you can take to improve your own security

Handelsbanken prioritises your security. Nevertheless, for you to avoid being a victim of fraud, you also need to think about how to protect your devices, such as computers and phones, your cards and PINs and particularly yourself by protecting your identity.

Mobilt BankID and BankID on card

Make sure you always have the latest version of Mobile BankID on your mobile phone or tablet. Remember that we never ask you to identify yourself using your Mobile BankID by phone, text message or e-mail. The same applies to BankID with a log-in card and a card reader. You should only ever log in at your own initiative. If you suspect that someone has access to your log-in details, or that you have been exposed to fraud, you need to block your BankID or log-in card.

Computers and mobile devices

Update your operating system, browser and BankID security program regularly, so that you always have the latest version. Use an updated antivirus program and preferably a firewall. Don’t install unknown programs. When visiting unknown websites, make sure that no malware is installed. Only install apps from official app distributors like Google Play Store or Apple App Store. 

Passwords

Protect yourself and your accounts by making sure that your passwords and codes to the internet bank and your BankID is not used by anyone else.

Card information

Never disclose the CVC code or any other information about your card unless you are certain that you are talking to authorised Handelsbanken staff and that you have initiated the contact yourself. The bank never asks for information about your card over the phone or via e-mail, letter or text message.

Personal information

Only give out your civic registration number when necessary. Check credit reports and invoices to make sure that they only contain credits which you have applied for yourself. If possible, use a lockable letterbox to reduce the risk of letters being stolen.

Prevent unauthorised changes of address

Blocking unauthorised change of address is an e-service from the Swedish Tax Agency which allows you to prevent an unauthorised person from changing your address. Using the e-service, you indicate that the Swedish Tax Agency can only approve changes of address which are done using e-identification. This is to reduce the risk of anyone using your personal data for fraud or identity theft.

Prevent unauthorised changes of address

Blocking unauthorised change of address is an e-service from the Swedish Tax Agency which allows you to prevent an unauthorised person from changing your address. Using the e-service, you indicate that the Swedish Tax Agency can only approve changes of address which are done using e-identification. This is to reduce the risk of anyone using your personal data for fraud or identity theft.


Phishing

Phishing involves a fraudster trying to “fish” for sensitive information by using e-mail, telephone or social media.

E-mail
This usually relates to someone sending you an e-mail which appears to have been sent from a trustworthy organisation, such as your bank. The fraudster then tries to trick you to provide the information needed to log on to your online banking service. No bank asks for information of this kind, particularly not by e-mail.

Telephone and SMS text-message
Someone calls you saying that they represent a company with which you are familiar. For example, the caller may say that they are a support company that wants to help you with a problem they allege that you have with your computer, such as a virus. This phenomenon is called false support. With the help of conversation techniques, they try to trick you into revealing your PIN, response codes or card number. Trustworthy customers don’t contact customers in this way.

Social media
On social media, we often assume that we are talking to our friends, but if we are unlucky, it may be someone with completely different objectives. It is not uncommon for individuals to have their social media accounts hijacked. The fraudster then tries to trick friends of the individual into revealing their response codes so that he/she can log on to their online banking service. If one of your friends asks you about response codes or card numbers, it is very likely that it is not your friend who is asking the question.

Remember:
Don’t let anyone control your computer remotely. If you receive an e-mail in the name of Handelsbanken, with questions about your log-on information, you should never answer it or click on any links which may be included in the message. 

Do not use links to Handelsbanken that you receive as part of an e-mail or SMS text message. Instead, enter Handelsbanken’s address directly into the browser.

Viruses or trojans

A virus or a trojan is a programme which contains harmful code. Using the virus or the trojan, the fraudster intends to steal personal information from your computer, tablet or mobile phone. Some trojans allow the fraudster to take control of your computer over the internet, without you being aware that this is happening. Viruses can be spread by e-mail when you receive an e-mail containing an attached file.

Remember:
Use an updated antivirus program. Do not open links and attached files which you receive by e-mail or SMS text message if you don’t know what they contain. Nor should you answer messages when the sending party is unknown.

It is also important to notice if websites you use regularly, such as the log-on page for Handelsbanken Online Banking, look different in any way. This may be an indication that your computer has been attacked and that in reality you have ended up on a different site than that of Handelsbanken.

Don’t modify the operating system of your mobile phone by, for example, jailbreaking your phone. Jailbreaking involves unlocking Apple’s software blocks to get access to the complete file system of the IOS unit. By doing so, virus and trojans may be included in any apps you download in the future.

More about security and fraud

Card fraud

There are several ways in which your card can end up in the wrong hands. For example, someone may make a note of your PIN when you withdraw cash from a cash dispenser or when you pay for something using your card. The person then steals the card and can empty your account.

Using a technique called skimming, a fraudster can copy information from the card’s magnetic strip or read the embossed information on the card when it is used. Skimming can take place at any location where the card is used, such as ATMs, petrol stations, POS terminals and other places which use card readers.

Remember:
Don’t let your card out of your sight at restaurants or hotels. When you use a point-of-sale terminal, check that the terminal doesn’t look unusual or manipulated in any way.

Identity theft

Identity theft means that someone uses your identity to buy goods, take out subscriptions or secure a loan in your name.

Remember:
To protect your identity, it is important that you only give out your civic registration number when it is necessary to do so. Always check credit reports and invoices to make sure that they only contain credits which you have applied for yourself. If anything appears wrong, contact the merchant directly. If possible, use a lockable letterbox to reduce the risk of letters being stolen.

You should also be careful about what information you publish on the internet and social media, particularly when you are away from home. 

Don’t use the same password for accounts which are connected to social media or to your e-mail because this may make it easier for a fraudster to access them.

Phishing

Phishing involves a fraudster trying to “fish” for sensitive information by using e-mail, telephone or social media.

E-mail
This usually relates to someone sending you an e-mail which appears to have been sent from a trustworthy organisation, such as your bank. The fraudster then tries to trick you to provide the information needed to log on to your online banking service. No bank asks for information of this kind, particularly not by e-mail.

Telephone and SMS text-message
Someone calls you saying that they represent a company with which you are familiar. For example, the caller may say that they are a support company that wants to help you with a problem they allege that you have with your computer, such as a virus. This phenomenon is called false support. With the help of conversation techniques, they try to trick you into revealing your PIN, response codes or card number. Trustworthy customers don’t contact customers in this way.

Social media
On social media, we often assume that we are talking to our friends, but if we are unlucky, it may be someone with completely different objectives. It is not uncommon for individuals to have their social media accounts hijacked. The fraudster then tries to trick friends of the individual into revealing their response codes so that he/she can log on to their online banking service. If one of your friends asks you about response codes or card numbers, it is very likely that it is not your friend who is asking the question.

Remember:
Don’t let anyone control your computer remotely. If you receive an e-mail in the name of Handelsbanken, with questions about your log-on information, you should never answer it or click on any links which may be included in the message. 

Do not use links to Handelsbanken that you receive as part of an e-mail or SMS text message. Instead, enter Handelsbanken’s address directly into the browser.