How to protect yourself from phishing
Strengthen the security of your devices and keep your operating system, browser and applications up to date. This combination can help you avoid an economic headache.
Never enter your personal data on a website you accessed via email. If you are familiar with the website, enter it by typing the address into a browser.
Review your accounts periodically to keep track of transactions made with them as well as their total balance. If you see any transactions that you do not recognize, immediately contact Customer Service (or your account manager) to resolve them.
Remember that BBVA will never ask you for any banking information by email or SMS, so please do not provide it through these channels.
Always check the URL of the link you have been sent. Even the slightest detail (a different letter, a dot or a dash, for example) can be key to not falling into a trap. You should also verify that the link begins with “https,” an unmistakable sign of security.
Verify that the sender of the email is the official sender. Cybercriminals often use techniques to simulate the actual company or entity, e.g. including a special character between them (bbv-A, for example) or by changing a letter to a similar one (bbua).
Stop reading the message if it’s extremely alarming or if you’re forced to make a decision in a short period of time. If either of these cases actually were to occur, the bank would contact its customer through a more secure channel.
Do not download an email attachment, especially if it hasn’t been scanned by antivirus software, unless you know it comes from a secure source.