10. January 2023

Phishing emails and SMS – how to spot them

Like a fisherman with bait on a hook, scammers are smart at coming up with ways to try to get you to divulge your card details. Hence the term – phishing. Or smishing, if the scam is run by text message. Either way, we want to protect you. Read on to see some examples and to find out how to spot and stop yourself from falling for phishing/smishing scams.

Before we get into specific examples of phishing scams, we’d like to mention a few important things up front:

  • There are a variety of security mechanisms at work when you make card payments. For instance, you enter your PIN in a card reader when you make in-store payments, or you receive a text message containing a 3-D Secure code to authorise online payments. Card fraud has become a tough (but not impossible) nut for scammers to crack.
  • Only enter your card details (your credit card number, the three-digit security code and your card’s expiry date) when you're shopping in trusted online stores. An indication of a secure site is the padlock symbol in the address bar or in the browser (even though this is not always 100% reliable). Spelling and grammatical errors or a strange design of the page, on the other hand, can indicate that you are on a fake site. Finally, if you are not sure, you can also find out more about the merchant by checking reviews on the internet (e.g. on social media).
  • Pay attention to the content of the 3-D Secure text message containing the one-time code that you receive to authorise online payments (amount, currency, name of the merchant).
  • If you have any doubts or are worried about having entered your card details on a dubious site: As a precaution, block your card in the app (in your profile under «Your card») and contact us at or call our hotline on +41 43 508 03 76.

If you want to know more about how phishing works in detail, what we do to protect you, and how you can protect yourself, click here

«Your parcel is waiting for delivery» – phishing emails in the name of Swiss Post and DHL

Let's assume you’ve received an email or a text message from Swiss Post. It usually says that there’s a problem with shipping your package and prompts you to pay an amount of 2.99 CHF, for example. When you click on the link in the message, you’ll be asked to make the payment and enter your card details.

As you can imagine, this isn’t actually an email from Swiss Post; it’s a fake. It looks strikingly similar at first glance, though. Those sneaky scammers! But if you take a good look at the details, you’ll sometimes notice discrepancies. In the example below, the sender address ( is different from the stated sender (Post CH AG). But sometimes, those discrepancies can easily be overlooked. The scammers take a similar approach with smishing, sending fake messages from DHL that contain a link where – surprise, surprise – they try to trick you into entering your card details.

«Your Amazon account is incomplete» – phishing emails in the name of Amazon

In the case of Amazon, the fraudsters fake security cases. For example, in such a phishing email you are asked to add your phone number to protect your Amazon account. Here, too, it's the same scam: You are asked to confirm your phone number via a link – which is, of course, manipulated. Via a form, the criminals then try to get other data besides your phone number, such as your card details or your address.

These Amazon cases are particularly nasty: They are often formulated with an urgency that is meant to put you under pressure. But, of course, you stay cool because we have a list for you on how to recognise such phishing emails or text messages.

Examples of phishing emails or text messages in the name of Swiss Post, DHL, or Amazon.

How to spot phishing emails and text messages

  • Check the sender: move the mouse over the sender’s email address and you’ll see that something isn’t quite right
  • It’s the same game with links: move the mouse over the link (but don’t click on it!) and you’ll see that something must be wrong with the target domain
  • Manually check the shipment or parcel number by entering it on Swiss Post's or DHL's website
  • Download the Amazon Message Center and log in to your Amazon account. There you will see all genuine messages from Amazon – if you don't find the suspicious email there, it's phishing.
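
The first two checks above (sender address versus stated sender, and where a link really points) can also be automated. The following is an added example, not neon's own code: the brand-to-domain allow-list is illustrative and the sample message is constructed.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Illustrative allow-list (assumption): brand keyword -> domains it really sends from.
EXPECTED = {"post": {"post.ch"}, "dhl": {"dhl.com"}, "amazon": {"amazon.com"}}

def in_domains(host, domains):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

class LinkCollector(HTMLParser):  # collects the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def check_message(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    brand = next((b for b in EXPECTED if b in name.lower()), None)  # claimed brand
    if brand is None:
        return []
    findings = []
    if not in_domains(sender_host, EXPECTED[brand]):
        findings.append(f"sender domain {sender_host!r} does not belong to {brand!r}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href in collector.hrefs:
        # The visible link text is ignored on purpose: only the real target counts.
        if not in_domains(urlsplit(href).hostname, EXPECTED[brand]):
            findings.append(f"link target {href!r} does not belong to {brand!r}")
    return findings

# Constructed sample message (not taken from a real campaign).
SAMPLE = """From: Post CH AG <notice@parcel-update.example>
Subject: Your parcel is waiting for delivery
Content-Type: text/html

<p>Pay 2.99 CHF: <a href="https://post-ch.delivery.example/pay">www.post.ch/track</a></p>
"""

if __name__ == "__main__":
    print(check_message(SAMPLE))
```

The suffix match is anchored on a leading dot, so a lookalike host such as `post.ch.pay.example` is not accepted as part of `post.ch`.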

Follow the links below for good security advice from the Post (only in German), DHL and Amazon.

To reiterate: never, ever, click on links like these and reveal confidential information about yourself or your card details. Don’t even tell your dog. Who knows how smart he is.

Let’s play devil’s advocate and assume you click on the link and enter your card details.

Case 1: The scammers can now go on a shopping spree using your card details. Now, you’re probably thinking, «No they can’t. I’d be sent a text message with a 3-D Secure code that I’d have to enter.» But, unfortunately, not all merchants have two-factor authentication set up.

As a rule of thumb, always check your text messages carefully. Does the merchant name, the currency and the amount exactly match a payment you made? If not, contact us immediately or block your card in the app as a precaution until we can clarify the matter with you.

Case 2: Scammers can store your card to make mobile payments (using Apple Pay, Samsung Pay or Google Pay) on their smartphones using the information you provide. When they do, you’ll be sent a text message containing a mobile payment activation code. In the worst-case scenario, you’ll enter this activation code on the fake website and send it to the scammers. Then it’s an absolute doddle for them to make payments with your details.

So if you receive an Apple Pay, Google Pay or Samsung Pay activation code without having requested one, get in touch with us immediately. To sum up: Never enter your Apple Pay, Google Pay or Samsung Pay activation code anywhere online. Only enter it on your device in the Wallet or in the Google or Samsung app.

On the left, you see an example of a 3-D Secure code text message. And on the right, there’s a mobile payment activation code (in this case, Apple Pay).

The 3-D Secure code text message always contains the name of the merchant, the currency and the exact amount. Always check that all these details match your transaction or purchase. The same applies to the mobile payment activation code. You’ll only receive it if you’ve requested it when registering the card on your device. In other words, we'll send you an activation code when you register your neon card for mobile payment – otherwise, we won’t send you anything.

Your new safety mantras

Mantra #1: Never give out your card details or confidential information about yourself. Only give your card details to trustworthy merchants. Don’t divulge anything to your pets. Yep – that includes your hamster! He’s probably even more cunning than your dog.

Mantra #2: If you have any doubts or are worried that you have entered your card details on a dubious site, you should block your card in the app (in your profile under "Your card") as a precaution and contact us at or call our hotline on +41 43 508 03 76.

If you're now wondering how secure mobile banking really is, you can find the answers here
