Phishing by telephone

Phishing by telephone

Criminals are increasingly trying to trick us online and steal our personal details. First, they send a fake e-mail and then they call you up.

We will never ask you for the codes you generate with your card reader.

How criminals go about phishing on the phone

The criminals send you a fake e-mail alerting you to a critical problem, such as your account being frozen or a suspicion of fraud using your credit card.
You can quickly resolve the issue by opening a link and then entering certain personal details, like your name, addresstelephone number and your card number on a fake website.

The scammers call you in reference to the fake e-mail and try to gain your trust, addressing you by name and saying that you should never pass on your bank card's PIN because it's secret.

They then ask you to generate at least two codes with your card reader. They need the first code to log in to your online banking application and the second to sign a transfer.

Once the criminals have your card number and at least two codes generated by your card reader, they can log in to your online banking account and make a fraudulent transfer.

Protect yourself from phishing on the phone

  • For one, you should never respond to requests for payment from unknown parties.
    If you need to make a bank transfer, simply log in to the KBC Brussels-website
    ( or use KBC Brussels Mobile.
        -    If you’re buying something online, you only need the seller’s account number (IBAN) to transfer a payment.
        -    If you’re selling something online, it’s sufficient to give the buyer your bank account number (IBAN).
    If they ask for any other details, it’s very likely you’re dealing with a criminal.
  • Don't take everything you read in an e-mail on simple trust. We'll never e-mail you to solve a problem with your account or the online banking service you use with us.
    Fraudsters can easily add a KBC Brussels logo to an e-mail or fake the sender's name. So, if you're in any doubt, forward the suspicious e-mail to
  • Always keep your PIN and the codes generated by your card reader a secret – they are the key that unlocks your money and they are strictly personal.
  • Please note: Scammers are increasingly using bogus websites with URLs starting wit https://. The ‘s’ in https stands for ‘secure’ and tells you you’re using a secure connection. However, this provides no guarantee that the party you’re dealing with is trustworthy.
    To find out if the KBC Brussels website or KBC Brussels Touch you’re using is legitimate, check the URL in your browser address bar: 
        -    The URL of the KBC Brussels-website starts with
        -    The URL for KBC Brussels-Touch starts with 'https://KBC Brusselstouch.KBC'.

Always keep your PIN and the codes generated by your card reader a secret – they are the key that unlocks your money and they are personal to you.

Our Cybersecurity Service includes virus and phishing protection software that protects your devices and your online activities from attack by cybercriminals.
Learn more.

Report internet fraud


What is phishing and how can you protect yourself against it?