Have you been a victim of a scam?
- Call us directly on 0771-365 365.
- Block your BankID.
- Report the incident to the police.
Common scams – and how to protect yourself
- Never give out passwords or codes from your Digipass or BankID.
- Is someone claiming to be calling from the bank? Hang up and call customer service yourself.
- Never download software when the request is made by someone you don't know.
- Get extra protection with our free security features.
Fraud offences are becoming more common as the methods become more varied. To best protect yourself against scammers, you need to be well prepared and stay scam-aware. We want to help you recognise and address suspected scams so that you don’t fall prey to them yourself. Here, you can learn more about common types of scams and what you can do if you become a victim.
3 real-life examples of scams
Advertising scam
‘25 sqm studio flat for sublet. 5,000 SEK/month. Near the university and the metro.’ As soon as Sam saw the ad in his Facebook feed, he got in touch via Messenger. The flat in the pictures looked perfect – and he had already accepted his admissions offer in Stockholm.
The landlord, Johanna M, responded quickly. Several people had already contacted her, but no one had confirmed yet. If Sam could decide quickly, he still had a chance. First, Johanna just wanted to run a credit check on him with the credit reference agency UC – for the safety of both of them, she explained.
Johanna asked Sam to identify himself using his mobile Bank ID. Sam opened the app, entered his code and accepted. The fake landlord was then able to identify himself as Sam at his bank, access his accounts and transfer money to himself.
What could Sam have done differently?
- Always be extra careful about things that sound too good to be true.
- Never use your BankID or Digipass at someone else’s request.
- If you feel rushed, always pay extra attention.
- Never pay in advance for a product or service if you do not know the recipient.
Telephone scam – vishing (voice phishing)
What was that horrible sound? Oh, the telephone. Beatrice answered. It turned out to be a nice young man from the Swedish Tax Agency calling. Apparently, Beatrice was going to get a refund – money back on her taxes.
In order for the payment to be made to Beatrice’s account, she needed to identify herself using her Digipass. She flinched, remembering something about never giving out her PIN code. But that was the PIN code – not all those other numbers that were displayed after you had entered the code. And nice people could usually be trusted. Beatrice did as the young man said.
Using the response code from Beatrice’s Digipass, the scammers were able to access her account and drain it of her money...
What could Beatrice have done differently?
- Never start and use your BankID at the request of someone who has contacted you.
- Never give out your PIN codes, or the codes you receive in your Digipass or by text message.
- Always end calls and then call the bank or company yourself if you are unsure.
Text message scam – smishing (SMS phishing)
Eva was sitting on the bus, surfing absentmindedly, when a text message appeared. It read: ‘Hi mum. My phone has broken down, so here’s my new number. I need help paying the rent too, as I don’t have BankID right now.’
Eva shook her head. Typical Frida. She was all grown up and studying in Uppsala, but still needed mum’s help. Eva dialled the new number. No answer. But after a while, she received another text message, ‘I can’t talk right now...’, followed by a description of how she should pay the rent. 5,500 kronor, via Swish. Okay, that’s fine. This time around.
Eva swished 5,500 kronor straight into the scammer’s account.
What should Eva have thought about?
- Never use your BankID or Digipass at someone else’s request.
- Always be sceptical when someone from an unknown number claims to be a person or company you trust.
How you can get scammed
Social engineering scams are becoming increasingly common, and scammers are using more sophisticated methods. One example is when a scammer convinces a victim to install a programme on their computer or phone through remote access, giving them control over the device. Two common remote-access programmes are AnyDesk and TeamViewer.
Once the scammer gains access, they can display one screen to the victim while operating another screen that the victim can’t see. This enables the scammer to deceive the victim by presenting them with false information. The scammer might also get the victim to sign a different contract than the one shown on the screen.
How to protect yourself from being scammed remotely:
- Never install a programme at the request of someone else. We, like other legitimate companies, would never request access to your computer or mobile phone in order to perform any actions.
- If someone asks you to install a programme, hang up. Scammers are often skilled at building trust and using their words to convince you. They present the installation as an aid, but don’t be fooled by it.
Scammers often call or text and pretend to be from SEB, the Swedish Tax Agency, Swedish Pensions Agency, Microsoft or another known and credible party. It often happens late at night, or in the middle of the night. It’s almost always urgent and an emergency, they claim. They often want you to start your BankID and authorise a login. The scammers then steal money from your account. This is called vishing, which means ‘voice phishing’. When the scammers use SMS, it’s called ‘smishing’.
The scammers might claim something like this:
- They need to stop an alleged scam on your account or card
- They can recover money you have been cheated out of
- They can help you with your tax refund
- You’ve won money
- A loved one has fallen on hard times and needs your help
- They can help you with a housing allowance or higher guaranteed pension
- Your computer has a virus or other problem they can help you with
- You need to download some software
Our best advice is to end your call or text conversation and never give them any information whatsoever. If we at the bank have in fact detected a problem with your card or account and get in touch with you, we can see this without your having to log in.
Important. Protect yourself against fraud (Swedish Police Authority)
Through online platforms, social media or phone calls, you might receive offers from very persistent salespeople to invest in ‘amazingly lucrative’ schemes. In recent years, these schemes have been associated with bitcoin investments and are often promoted using the names of celebrities who were never consulted and completely disavow the scheme. There is usually pressure to act fast before the offer expires.
Our best tip is: if an offer sounds too good to be true, it probably is. Reputable companies that comply with the law are not allowed to advertise financial investments using hyperbole, and they must always disclose the risks involved in investing. Scammers rarely follow these regulations, which gives you another reason to hang up or report the online advert. In addition, people who have fallen victim to these scammers sometimes receive calls from someone who claims to be co-operating with Interpol and offers to track down the scammer. However, this person is often the same scammer attempting to swindle them out of more money.
Such schemes are entirely fictional and therefore difficult to comprehend. It’s always wise to refrain from investing if you do not understand what is involved. Another good tip is to check whether the company has a licence to operate and is not on the Financial Supervisory Authority’s warning list.
Romance scams are fraudulent acts where scammers establish trusting relationships with their victims. Their goal is to seduce the victim using charm and promises of love in order to financially exploit them or take advantage of them in other ways. A romance scam typically starts when a scammer initiates contact, often in a seemingly random way through a dating site, Facebook or other social media platform. Sometimes scammers may try to meet with you in person. They typically start by making you feel appreciated, liked and in love. The contact can be intense, occurring through text messages, chats and phone calls. A scammer might promise you the world, only to eventually ask for favours and money – often, a lot of money. In many cases, scammers use a false identity, stolen photos and made-up stories to deceive victims.
How you can protect yourself:
- Always be careful about how much personal information you share on social media and other online sites.
- Never send money to someone you do not know well or have not met. If someone asks you for money, think twice and talk to someone you trust about it.
- Watch out for the warning signs – a sudden declaration of love, request for money and reluctance to meet in person. Romance scammers often claim to have impressive professions.
- If it seems too good to be true, listen to your gut. It probably is just that.
With a growing second-hand market, advertising scams are becoming more common. With low prices and great deals, fake advertisers can lure you into pre-paying for products that don’t exist or get you to use your BankID to verify your identity as a buyer. When you sell things on the second-hand market or similar platforms, scammers may contact you and pretend they want to make a purchase. They ask for your card details so they can supposedly deposit money on it, and tell you that you need to identify yourself using your BankID. What happens is that your card details are used to make a payment for something completely different, so your BankID has acted as a form of authorisation for that payment.
Never give your card details to anyone who requests to deposit money onto it. Always be vigilant when using your BankID and thoroughly review anything you sign.
Scammers use viruses or Trojans to gain control of your computer or monitor all your activity on it. They collect information in this way to use for illegal purposes. They can also redirect you to fake websites even if you have entered a correct website address (this is known as pharming). Viruses and Trojans can be hidden in fake links within emails, text messages or social media posts and may look harmless at first glance. Avoid clicking on links you’re not sure about, and continuously update your firewalls and virus protection to make this type of attack more difficult.
Skimming, or card hijacking, involves scammers copying the information found on the magnetic strip of a debit, credit or bank card. Using this information, they create a new card that they then use to make payments in your name. The code is captured by hidden cameras close to the payment terminal or ATM. Skimming can happen anywhere that cards are used and where it’s possible to read the magnetic strip. To prevent this, it’s important to hide your code by placing your hand over the keypad. When only the chip is used, so that only half the card is inserted in a payment terminal, skimming is not possible because the strip cannot be read. Currently, most terminals in Europe are chip-based, and the rest of the world is also switching to these types of terminals.
A scammer may be watching you when you use an ATM in order to access your four-digit code and then steal your card. Hide your code by always placing your hand over the keypad.
When you sell things online and the buyer does not live in Sweden, payment can be made by cheque. Unfortunately, many scams happen using forged cheques. So, avoid using cheques if you do not know the buyer.
More and more young people are being exploited as so-called money mules. Criminals are heavily exploiting youth who are lured or coerced into moving, withdrawing or transferring money through their bank accounts. Requesting a simple favour like transferring money is quick and may seem tempting because of the promise of easy money. But acting as a money mule is a criminal offence that can result in devastating consequences. So, talk to your child about how to protect themselves and their accounts.
As a guardian, keep the following in mind:
- You can view your child’s account, so you can see what your child does with their money and detect any unusual transactions.
- Show interest in the online activities of your child or the young people around you. Ask questions like ‘What did you do online today’?
- If you suspect that money has appeared in your child’s account that could be linked to money laundering, contact the bank and then report it to the police.
How to protect yourself from being exploited as a money mule:
- Don’t let anyone use your bank account to deposit, transfer or withdraw money. Think about whose money it is and what it will be used for.
- Be suspicious of ‘job offers’ that promise fast money and big earnings with no experience needed on your part.
- Do not accept money via Swish if the purpose is to pass it on to someone. Accepting money from criminal activities makes you yourself guilty of money laundering.
- Don’t give out your personal identification number or bank details.
Scammers can try to hijack your identity by using your personal identification number, changing your address and ordering new documents of value to be sent to the wrong address. Here are four useful services that can help protect you:
- With the Swedish Tax Agency’s service ‘Block unauthorised change of address’ (your registered address), you can reduce the risk of fraud and identity theft in just a few minutes. Block unauthorised change of address (Swedish Tax Agency)
- With Adressändring’s free ‘Address lock’ service, you can block anyone who wants your mail to be sent elsewhere. Address lock (Adressändring)
- If you subscribe to the monitoring service of the credit reference agency UC, you will receive a text message within 24 hours whenever someone uses your personal identification number to apply for credit or make an enquiry via UC. See minuc.se, in Swedish
- Make sure you have notifications enabled for your BankID app. This way, you will be notified if someone requests a new BankID in your name. Locate the BankID app in your phone’s settings and switch on notifications.
Scam victims get new opportunities for compensation
Thanks to a recent ruling by the Swedish Supreme Court, victims of scams now have additional options for seeking compensation. This ruling concerned a case where a person unwittingly provided their identification details to a scammer, who then made a transfer from the person’s bank account without their consent. The victim was eligible for compensation from the bank because their action was not considered blameworthy. The Court’s decision has changed the situation for other fraud victims, who can now request a review of their cases.
Customers who want a review of a previous case can contact us and request a review. We believe that the recent Supreme Court ruling and the recommendations from the National Board for Consumer Disputes (ARN) are positive developments. The clarity in the legal situation and the establishment of a practice for assessing fraud cases will provide guidance for us and other banks. As always, we follow the applicable rulings and regulations as well as the established precedents set forth by ARN’s decisions. We will also apply ARN’s recommendations when reviewing cases that were previously denied. However, since the circumstances of each case can vary, we will continue to review, investigate and assess each case individually.
To request a review, you are welcome to call us on 0771-365 365.
You can read more about the ruling on the Swedish Banker’s Association website: HD-domen om bedrägerier bör leda till att fler får ersättning
Download or print our top safety tips (1 page) and post them on your fridge or near your computer for peace of mind. We encourage you to share it.
How to raise your security level
We always analyse any suspicious buying patterns and unusual transactions in order to act swiftly and protect you against scams. You can now raise your own security level, too, by activating our security features.
Stay scam-aware
Phone scams are becoming more prevalent and the methods are always evolving. Recognising some of the most common warning signs can help you protect yourself and those close to you. This is why Sweden’s banks have launched Svårlurad! – a joint information campaign to raise awareness of fraud and to offer practical tips and advice on staying protected. Their initiative aims to make everyone just that: scam-aware.
