Warning: Malware and Social Engineering Attacks in Italy

Here’s a quick summary of a typical 3-steps scam scenario, mainly affecting the Italian market. 

• You receive a text message from fraudsters, claiming account issues, urging you to click on a link, and call a number.

Although such messages look like they come from N26, you can tell it’s fraud because N26 never sends unsolicited SMS (new tab), with or without links. Communication regarding your account happens within the N26 app, not by SMS, nor over the phone.

Once the fraudsters have established contact, they are one step away from controlling your account:

• They will try to trick you into downloading unauthorised and unlicensed N26 security or certification apps, outside the Google or Apple stores, claiming it’s for the security of your account. This is the malware they will use to control your account. They might also try to push you to change the Security, Accessibility, or Developer Settings of your device. 

The official version of the N26 app is available exclusively via the Apple and Google stores. We would never ask you to download anything else to secure your account.

• If they fail to make you download the malware, they will try to make you transfer your money to a so-called “secure” or “temporary” account, as an alternative security measure.

We will never ask you to transfer money to another account. Just like asking you to download another app, both are obvious signs of fraud (new tab).

Warning: Downloading unlicensed applications can severely compromise your account, as it allows fraudsters to take full control of your phone and N26 account.

For a more detailed article about malware fraud prevention, see this article (new tab).

Please refer to the below resources for more information on malware and how to protect your device:

• English-Support (new tab)
• English-Blog (new tab) 

To access educational material in all languages, see here (new tab).