How N26 will contact you — and how we won’t

How N26 will contact you — and how we won’t

Scammers and fraudsters may pose as representatives of N26 to try to steal customer data. Here, we dive into how N26 will and won’t contact you, so that you can spot the scams.

JULY 27, 2023

10 min read

Keeping customer accounts safe has always been the top priority for banks. At N26, we’ve gone the extra mile to create a secure and intuitive banking experience. From two-factor authentication to 3D Secure technology, we’re adhering to the highest standards of financial crime prevention. Still, like all banks, our customers get targeted by con artists posing as N26 employees. Their goal: trick N26 customers into sharing sensitive data, clicking on fraudulent links, or transferring money to illegitimate accounts. To stop financial criminals in their tracks, both banks and customers need to remain vigilant. In this article, we explain how N26 will contact you — and how we won’t. We’ll also look at different types of social engineering tactics, and offer some tips to help you keep your account and personal data secure.

N26 communication: How to tell the real from the fake

Telling the difference between real and fake messages can be tough. Keep reading for a side-by-side comparison showing exactly how we’ll communicate with you — and how we won’t.

Phone calls

With phone calls, it’s pretty straightforward: If you receive a cold call from N26, it’s a scam. N26 will never contact you unprompted via phone. If a phone call is necessary, we’ll always use the Secure Message feature in your N26 app to set it up.

Fake phone call	Legitimate N26 phone call
Any cold call claiming to be N26 — period. Calls in which someone requests information about your account information or personal details.Any call about a fraudulent transaction.Any call from someone claiming to be a “fraud prevention specialist or agent.”	If we need to speak with you on the phone, we’ll make arrangements first using the Secure Message feature in your N26 app.

Text messages

When N26 uses text messages, the primary purpose is to send you verification codes. These codes are meant for you to enter directly in the N26 app, or via a Support Chat with a N26 Customer Support representative. We’ll never ask you to share these verification codes via email or social media. We may also send an SMS to inform you of changes to your personal data, which will always redirect you to get in touch with Customer Support via your banking app. N26 will also never send you clickable links or demands via SMS, ask you to download any software or install an app, or contact you via WhatsApp.

Fake text message	Legitimate N26 text message
WhatsApp messages of any kind — N26 will never contact you via WhatsApp!	An SMS verification code for:logging in to your accountconfirming an action in the N26 app or with Customer Supportchanging your account details, like adding a new phone number
“Urgent” messages saying that you need to take action on your account, or respond with account details or personal information	A message to inform you about changes to your personal data. If this occurs, you will be asked to contact Customer Support via the N26 app for any issues.
Any kind of suspicious link or download request

Emails

Email communication from N26 will only take these two forms:

Marketing emails from newsletter@email.n26.com and newsletter@emails.n26.com to inform you about new products or articles
Alerts from noreply@n26.com, noreply@email.n26.com, or noreply@emails.n26.com about important messages in the Secure Inbox section of your N26 app, data changes, surveys, or notifications about account security
Contact from support@n26.com via email in case you don’t have access to your N26 account

If we have any sensitive request requiring your attention, we’ll contact you via the in-app Secure Inbox feature. You’ll receive an email letting you know that there’s a message in your Secure Inbox, plus a push notification if you have them enabled. That’s it! A few other things to know: N26 will never request information from you via email, ask you to respond to an email with any personal data, or send you links to download anything. Be suspicious of emails that try any of those tactics.

Fake emails	Legitimate N26 emails
Asks you to respond with sensitive or personal information	N26 will never request sensitive or personal information via email. Any request for information will direct you to login via the N26 application.
Urgent or threatening language that demands you take immediate action	Sent via the Secure Inbox feature in the N26 appWon’t ask you to respond via email
Generic greetings like "Dear N26 Customer"	Personal greeting using your first name
May contain misspelled words or strange phrases	Clear and easy to read
Comes from a suspicious address with a mixture of capital and lower-case letters and numbersBut watch out: Fraudsters can easily spoof the email address — it might look like it comes from Support@n26.com. If you get an email that looks like it comes from Support but it asks you for personal information, it’s a scam.	The sender should always be support@n26.com, noreply@n26.com or noreply@email.n26.com. Or, if you’re signed up for marketing communication, that address will be: newsletter@email.n26.com.

The N26 website

Our website URL is n26.com and our support page is support.n26.com. Some email or SMS phishing scams will use fake URLs that look similar, but they don’t belong to N26. Here are a few ways to check for fakes:

Simply hover over the link — without clicking on it! — with your cursor so that the web address appears at the bottom left-hand corner of your screen. Watch out for unusual characters in the URL.
Google the URL or domain, or check websites like “urlscan.io” to see if the URL has been tagged as fraudulent.
Look for the padlock symbol that indicates a secure connection — it’s located next to the website URL in your browser window. Click on the padlock to verify the website credentials, or to check if the Secure Sockets Layer (SSL) certificate is valid and who it was issued to.

Fake website	Legitimate N26 website
Extra long URLsURLs with odd charactersA URL that doesn’t contain “n26”	Our website URL is n26.com. Our support page is support.n26.com. Our online banking app is app.n26.com/loginThese URLs may have simple additions to indicate the country, language, or page topic.
	Here are some examples of legitimate N26 URLs: n26.com/en-frhttps://n26.com/en-eu/blog/swing-tradinghttps://support.n26.com/en-eu/app-and-features/spaces/what-are-cards-for-spaces

Why are fraudulent messages dangerous?

So, now we know what scam messages and links can look like — but what are these techniques actually for?Fraudsters today often resort to social engineering techniques to steal sensitive information from customers, because bank accounts and credit card details are increasingly difficult to hack. Instead, they pose as a trusted person or authority to manipulate or pressure victims into giving them access to their accounts or funds. Though social engineering can be done in person, these days, it’s mostly done online or via phone through a practice known as “phishing.”

What is phishing and why is it so effective?

Phishing is a tactic designed to con unsuspecting customers into handing over sensitive information, downloading malware, or transferring personal funds. Phishing attempts may take the form of email, text or social media messages, or even phone calls. For example, you may receive an email that looks as if it comes from your bank telling you there’s a problem with your account, asking you to update your details by following a fake link. Alternatively, fraudsters may contact you via text or social media with an offer that sounds too good to be true, asking you to enter personal details in order to claim a reward. Whether they’re trying to pressure you through fear or enthusiasm, phishing scammers can be astonishingly convincing.

Types of phishing scams

Because of the widespread use of digital technology, fraudsters can use phishing techniques to much success, even without much technical know-how. Here are the three most common types of phishing in practice today.

Email phishing

Email phishing is one of the most common types. With this tactic, fraudsters send out emails claiming to be a company, government authority, or even a family friend. These emails may link to a fake website that impersonates a real company. Then, they’ll ask you to enter your personal details, bank account login, or credit card data. Once the scammers get your personal details, they can use them to log in to your bank account and stage an account takeover, or use your credit card details to conduct card fraud. Alternatively, email phishers might pose as a friend or family member in need of help, asking for an immediate transfer of funds.

Smishing

SMS phishing, known colloquially as “smishing,” is a type of phishing done via text message. This kind of phishing scam involves reaching out to smartphone users via text with alleged account alerts, prize notifications, or even postal scams. With the latter, customers may get an email or a text message that looks like it comes from Deutsche Post, for example, asking them to tap a link and insert payment details to get their package. Once the payment links have been entered, the scammer has access to their victim’s bank account or credit card and can wreak havoc on their financial life. An increasingly dangerous type of smishing is conducted via WhatsApp, particularly for so-called “grandparent scams.” Here, a fraudster may reach out to someone’s grandparent via WhatsApp, claiming to be their grandchild and requesting a bank transfer or PayPal payment.

Vishing

This portmanteau word that mashes up “voice” and “phishing” is a type of scam conducted via phone call or voicemail. It’s used by fraudsters to gain access to victims’ money or other personal information. They might try to access a person’s bank account, steal credit card numbers, or even trick them into transferring money themselves.

11 more tips for protecting yourself from scams

Scammers are smart. That’s why it’s important to be vigilant about protecting yourself and your personal information. Here are 11 more tips on how to do that.

Keep your N26 app and computer updated with the latest updates and bug fixes.
Use fingerprint or facial recognition to log in to your account.
Create strong passwords with letters, numbers, and symbols — and never use the same one across multiple accounts.
Always look carefully at where emails come from if they’re requesting something from you. Pay especially close attention to the sender’s details and to any URLs that seem suspicious.
Be careful with public or shared WIFI connections — always choose secure WPA2 connections over WEP connections and use a VPN where possible.
Enable location tracking on your N26 app, so we can spot irregular transactions that you may not have made.
If a message sounds urgent, take your time and don’t be pressured into taking immediate action. Instilling a sense of panic or even excitement is one of the most common social engineering tactics that scammers rely on. They want people to act first and think later.
Remember: If an offer — online or offline — seems too good to be true, it probably is.
Use multi-factor-authentication (also known as 2-Factor Authentication or 2FA), which uses your smartphone or another device to confirm your access to your accounts.
Always double-check links sent in emails. When in doubt, search online for the website rather than clicking on the link itself.
Never download files, share personal information, or click on links from unknown senders.

Secure banking with N26

We’re proud to bring our customers convenient, digital banking — without compromising on security. At N26, protecting your finances is our first priority. Experience peace of mind, thanks to security features such as biometric authentication, smartphone pairing, and 3D Secure technology. Receive instant push notifications whenever money enters or leaves your account, so you always know what’s happening. If you think you’ve been a victim of a scam, don’t hesitate to contact our N26 Customer Support team. They’re there to help seven days a week via the in-app chat function or the N26 WebApp. And if you want to learn more about staying safe online, check out our online security guide. It’s full of handy tips to protect your finances against scams.