Ensuring your security

Protect your computer, mobile phone and personal data.

A continuos work for a high level of security

Handelsbanken is constantly refining and developing its security solutions and we manage your personal data in a secure way. We carry out regular tests and updates of our systems and we monitor transactions. If we find something unusual, we will contact you. But there are also things you can do yourself if you are affected, or in order to prevent fraud.

Remember that we never ask you to identify yourself using your Mobile BankID by phone, text message or e-mail. The same applies when using your BankID with a log-in card and a card reader. You should only ever log in using your Mobile BankID at your own initiative.

There is more you can do to prevent fraud. Read more about how to protect yourself below.

Protecting your e-identification (new window)Opens in a new window

Actions you can take to improve your own security

Handelsbanken prioritises your security. Nevertheless, for you to avoid being a victim of fraud, you also need to think about how to protect your devices, such as computers and phones, your cards and PINs and particularly yourself by protecting your identity.

Mobilt BankID and BankID on card

Always make sure to have the latest version of Mobilt BankID installed. Please note that we never ask you to verify your identity with Mobilt BankID via phone, text message or e-mail. This is also true for BankID on card with card reader. When you log on using Mobilt BankID, it should always be on your own initiative.


Update your operating system, browser and BankID security program regularly, so that you always have the latest version. Use an updated antivirus program and preferably a firewall. Don’t install unknown programs.

Mobile phones and tablets

Update the mobile app and BankID security app when new versions become available. Only download apps from official app distributors such as the Apple App Store and the Google Play Store.

Card information

Never disclose the CVC code or any other information about your card unless you are certain that you are talking to authorised Handelsbanken staff and that you have initiated the contact yourself. The bank never asks for information about your card over the phone or via e-mail, letter or text message.

Personal information

Only give out your civic registration number when necessary. Check credit reports and invoices to make sure that they only contain credits which you have applied for yourself. If possible, use a lockable letterbox to reduce the risk of letters being stolen.

Prevent unauthorised changes of address

Blocking unauthorised change of address is an e-service from the Swedish Tax Agency which allows you to prevent an unauthorised person from changing your address. Using the e-service, you indicate that the Swedish Tax Agency can only approve changes of address which are done using e-identification. This is to reduce the risk of anyone using your personal data for fraud or identity theft.

Investment fraud

How you may be deceived 

Investment fraud is becoming increasingly common, and is often long-term. Usually, the fraud involves tricking an investor out of money on repeated occasions. It may be done in the following way: 

  1. The fraud often starts with an evening phone call from an English-speaking advisor who wants to tell you about profitable investments. The advisor is keen to send you a brochure about the brokerage firm. After this, more contacts follow. Once confidence has been established, you receive an offer about a very attractive investment.
  2. However, when you want to sell, the “conditions” are rarely right. Often, you are persuaded to invest more money to lower the average price. You may also receive a call from another broker that wants to buy your shares, but in order to sell them, you have to pay a number of fake fees in advance. 
  3. The last phase involves you being phoned by a lawyer who claims to represent several other parties who have also been tricked. In return for paying further advance fees, you can get help to sue the brokerage firm.

The fraudulent companies often have professional-looking websites and names which closely resemble those of well-known firms. The companies often refer to fictitious public authorities and the websites of these authorities, for which they themselves are responsible. More information can be found at Finansinspektionen.seOpens in a new window (new window).

Avoid being tricked

  • If it sounds too good to be true, then it probably is.
  • Make sure that you understand the investment.
  • Serious companies rarely phone in the evening to propose investment offers.
  • Check whether the company is included on the warning list from the Swedish Financial Supervisory Authority.
  • Never give away credit card information over the phone.

More about security and fraud

Card fraud

There are several ways in which your card can end up in the wrong hands. For example, someone may make a note of your PIN when you withdraw cash from a cash dispenser or when you pay for something using your card. The person then steals the card and can empty your account.

Using a technique called skimming, a fraudster can copy information from the card’s magnetic strip or read the embossed information on the card when it is used. Skimming can take place at any location where the card is used, such as ATMs, petrol stations, POS terminals and other places which use card readers.

Don’t let your card out of your sight at restaurants or hotels. When you use a point-of-sale terminal, check that the terminal doesn’t look unusual or manipulated in any way.

Identity theft

Identity theft means that someone uses your identity to buy goods, take out subscriptions or secure a loan in your name.

To protect your identity, it is important that you only give out your civic registration number when it is necessary to do so. Always check credit reports and invoices to make sure that they only contain credits which you have applied for yourself. If anything appears wrong, contact the merchant directly. If possible, use a lockable letterbox to reduce the risk of letters being stolen.

You should also be careful about what information you publish on the internet and social media, particularly when you are away from home. 

Don’t use the same password for accounts which are connected to social media or to your e-mail because this may make it easier for a fraudster to access them.


Phishing involves a fraudster trying to “fish” for sensitive information by using e-mail, telephone or social media.

This usually relates to someone sending you an e-mail which appears to have been sent from a trustworthy organisation, such as your bank. The fraudster then tries to trick you to provide the information needed to log on to your online banking service. No bank asks for information of this kind, particularly not by e-mail.

Telephone and SMS text-message
Someone calls you saying that they represent a company with which you are familiar. For example, the caller may say that they are a support company that wants to help you with a problem they allege that you have with your computer, such as a virus. This phenomenon is called false support. With the help of conversation techniques, they try to trick you into revealing your PIN, response codes or card number. Trustworthy customers don’t contact customers in this way.

Social media
On social media, we often assume that we are talking to our friends, but if we are unlucky, it may be someone with completely different objectives. It is not uncommon for individuals to have their social media accounts hijacked. The fraudster then tries to trick friends of the individual into revealing their response codes so that he/she can log on to their online banking service. If one of your friends asks you about response codes or card numbers, it is very likely that it is not your friend who is asking the question.

Don’t let anyone control your computer remotely. If you receive an e-mail in the name of Handelsbanken, with questions about your log-on information, you should never answer it or click on any links which may be included in the message. 

Do not use links to Handelsbanken that you receive as part of an e-mail or SMS text message. Instead, enter Handelsbanken’s address directly into the browser.

Viruses or trojans

A virus or a trojan is a programme which contains harmful code. Using the virus or the trojan, the fraudster intends to steal personal information from your computer, tablet or mobile phone. Some trojans allow the fraudster to take control of your computer over the internet, without you being aware that this is happening. Viruses can be spread by e-mail when you receive an e-mail containing an attached file.

Use an updated antivirus program. Do not open links and attached files which you receive by e-mail or SMS text message if you don’t know what they contain. Nor should you answer messages when the sending party is unknown.

It is also important to notice if websites you use regularly, such as the log-on page for Handelsbanken Online Banking, look different in any way. This may be an indication that your computer has been attacked and that in reality you have ended up on a different site than that of Handelsbanken.

Don’t modify the operating system of your mobile phone by, for example, jailbreaking your phone. Jailbreaking involves unlocking Apple’s software blocks to get access to the complete file system of the IOS unit. By doing so, virus and trojans may be included in any apps you download in the future.

Fraud aimed at companies is increasing

This is how CEO fraud may happen

Attempts at fraud aimed at companies have risen sharply. One of the most common types of attempted fraud is what is known as CEO fraud. The fraudster poses as the CEO of the company or another senior executive. Using a false or hijacked e-mail address, the fraudster sends an e-mail to the accounts department, asking them to make a payment.                                

There have also been cases where the fraudster has phoned an employee of the company to prepare them for an incoming e-mail, in order to reduce the risk of raising suspicion.

How to avoid becoming a victim

  • Ensure that all information relating to the payment is correct.
  • Do not act on payment orders that deviate from the norm.
  • Always check new account numbers prior to making payment.
  • Pay attention to the sender’s address in e-mails.

If you are affected – contact us immediately

Contact us immediately if your log-on card is stolen, if you lose your mobile phone containing a mobile BankID, if you are the victim of fraud or if you have disclosed sensitive information.

Block your log-on card and BankID

Remember that your BankID is a form of identification, just like your driving licence or passport.

Within Sweden: 020-41 12 12
From outside Sweden: +46 8 41 12 122

ett kvitto


Make a police report and contact us.

Personal: 0771-59 60 60
Corporate: 0771-23 40 00

dator med en pil på


If you suspect that you have received a false e-mail (phising) that appears to come from Handelsbanken, forward the entire e-mail to: reportphish@handelsbanken.se