Service status:

Phishing, vishing and smishing - what are they?

The words describe three common types of so-called “social engineering” attacks. Social engineering crimes are crimes that prey on people’s trust and mistakes to access their private information, password or valuables.


We believe it is important to work in order to prevent fraud and alert others to common fraud methods. The fraudsters are highly skilled and use types of things that are popular at the moment. For example, vaccination fraud has occurred where fraudsters phone the elderly and pretend they are from the healthcare services or an authority and will help them book a vaccination appointment. They then ask the person to login using their BankID, thus gaining access to the elderly persons bank account. Holidays, such as Christmas, are times where fraud increases substantially where persons receive an SMS or e-mail about package deliveries with links.

Three common types of fraud

Phishing: Fake e-mails, websites and credible looking SMS messages used to steal information. These messages are usually sent to thousands or people and are not directed towards you personally. Phishing is also called cyber fishing.

Vishing: Telephone calls or voice mail messages where someone phones and pretends to be from e.g. the healthcare services, an authority or a company and convinces the recipient to follow different instructions, such as by using their BankID.

Smishing: The same thing as phishing, but where fraudsters use an SMS.

Act safely and follow our tips

  • Never use your BankID at the request of someone who contacts you out of the blue.

  • Never give the codes from the bank security device or lend your BankID to anyone else. Never.

  • If you do not recognise the caller and you become unsure, then ask to phone the person back. Find out whose number it is to ensure they are calling from the company or the authority they say.

  • Do not trust a person who contacts you simply because they have your personal details. Fraudsters can find information on the Internet and use it to trick you.

  • Do not click on suspicious links. Have you really ordered something? Or taken part in a competition? No SMS or e-mail is so important that you don’t have time to double check who the sender is. Visit the official website and search for the contact details and contact them if you have any doubts or are unsure.

  • Enable notifications from BankID to check whether a BankID is activated for your personal identity number, this is done under settings on your phone.

Prevent and report

Talk with your loved ones about fraud. Inform others and share your knowledge, especially to older people in your surroundings who might not be reached by information in the same way as you.

If you are a victim of fraud:

  • Block your BankID

  • Contact your bank

  • File a police report