Think before you click or reply

Emergency situations and hard-to-refuse offers are some of the hooks used in phishing to get hold of your information or take control of your devices. Don’t fall into this trap and take a moment to look at these tips before clicking or replying.

If you don’t know the sender of the email

Move your mouse over the email address or click on reply to see the real sender. Then check whether the address is spelt correctly, the domain is trustworthy and whether it matches the name of the person who sent the email.

If they ask you to click, download, or reply

Be careful with emails or messages asking you to click on a link, download a file or reply with information, since they could be phishing attempts.

If there is a sense of urgency

Fraudulent emails, calls, or messages usually ask you to act quickly. For example, asking for your details to give you a prize as soon as possible, to receive additional customer benefits or to solve a security problem.

Examples to help you identify cases of identity theft


You receive an email which seems to be from your electricity provider. It asks you to click on a link to access your personal area, where you have to confirm your bank details. It sounds urgent because apparently there’s a security issue. Take a few seconds to think and don’t click on the link, as it could be a phishing attempt. In this kind of situation, you should contact your electricity provider through their official channels or report it by forwarding them the email.


You receive a sudden call from someone claiming to be from your bank. It seems serious and you listen carefully while they tell you that, for security reasons, they need to quickly check some details on your customer file. This could be a case of vishing, a type of phishing through voice calls. If this happens, take a few seconds to think and if you’re not sure, don’t reply. You can always contact your bank through the official channels, website and app, or go to a branch where they’ll answer your queries.

At Santander we will never ask you to give us the full login details to your Online Banking.


You receive an SMS text message informing you that a purchase has been made with your bank card in a shop – but it wasn’t you, so you feel alarmed. In the text you’re instructed to click on a link to solve the issue. Think twice: this could be an attempt at smishing, which is a method of phishing through SMS. Don’t be startled: you can check the transactions on your bank account or call your bank directly.

Discover our tips for a safe digital life