Frequently Asked Questions (FAQ)


How to recognize phishing attempts via email, phone, or SMS?

Hackers often send emails, SMS, or make calls impersonating financial institutions, using fake links and login forms. Their goal is to make you believe that you are on a legitimate website, prompting you to enter your user credentials: username, password, allowing them to take control of your account.

Remember a simple rule: no financial institution will ever send you an email with a login link or a password change link, nor will they send SMS or call you to confirm any details over the phone.

All data from your plastic payment cards, including your personal information, is confidential, and our employees will never ask you to confirm them via email or SMS, nor over the phone, except when you call our official phone numbers.

The clearest sign of phishing email is the sense of urgency - hackers lie with hints of password leakage and similar issues.

Another sign is the link (Internet address) you receive - if it does not lead to our company's official website’s domain, it's fake.

If you click on a link in an email or SMS, and it takes you outside our website domain, it's 100% an attempt of fraud - immediately leave that site and delete the email or SMS.

Who is responsible if I am deceived by hacker-sent email, SMS, or call?

If you voluntarily send your password to a hacker, it is your own action for which you are responsible. You, as customer and Internet user, are responsible for your awareness and Internet safety.

What do the terms phishing, vishing, and smishing mean?


Online phishing is typically an electronic message sent via email. The message appears to come from a trusted sender, such as government or municipal administration, a bank, various businesses offering different services (utilities, investments, credit card issuance, etc.). The message may look legitimate and contain the trademarks of the respective organization, but the sender's email address may not be even similar to the organization’s name on which behalf it is sent. The visual appearance of fake websites often closely mimics or even replicates the original site. Detecting fake websites can be done by comparing the addresses of the original and fake pages. Letters from the address of the original page may be replaced with visually similar characters, for example: the letter "o/O" may be replaced with zero - "0"; the letters "l" or "I" with the number one - "1", and so on.

Sometimes, phishing involves individual senders who often present themselves as heirs to wealthy relatives, relatives of sick people, etc. In frequent cases, messages from individuals are more easily recognized as fraudulent.

The standard practice is the link of the message to redirect to a fake website, citing various reasons to encourage following the link, but the said address to request its user to provide personal data such as: username and password for access to various online profiles (most commonly: internet banking applications; online shopping, wallets and payment applications); bank account/ card number; PIN, expiration date, or CVV of a bank card, etc.

IMPORTANT! Do not perform the actions prompted by suspicious electronic messages, including:

  • do not open any links and attached files;
  • do not provide information about applications you use and your access to them, especially if the applications relate to financial information: internet banking, shopping, payment, number of your card, etc.


Vishing (voice + phishing) is a telephone call in which the scammer, using your personal information from social networks, attempts to deceive you into providing your personal data similar to the categories mentioned in phishing, conducted through the use of electronic messages via email.

Smishing/ SMS Phishing:

SMS phishing is another type of phishing attack in which scammers attempt to obtain your personal information through your mobile device by sending a text message (for example, pretending to be bank employee or another financial organization).

IMPORTANT! We never request – under any circumstances and through any of the aforementioned communication channels – phone, email, SMS, other text messaging apps or platforms, your username, passwords for access of your profiles (for example: internet banking apps, online shopping and payment apps), bank account/ card numbers, PINs, expiration dates or CVVs of bank cards and any other sensitive information.

In case of suspicion regarding phishing, vishing, or smishing directed at you, please contact us immediately to request detailed information from our representatives for your suspicion and if necessary - block access to your user profile or block the issued card.

As general rule for variety of phishing attacks is that they do not target technologies and application, but instead, they rely on human weaknesses and emotions - fear, panic, joy from receiving a tangible or monetary reward. They aim to provoke impulsive actions leading to quick decision-making and clicking on various "buttons" through which cybercrime offenders are able to obtain your personal data.

Is it necessary to activate access to my location, microphone, camera, and contacts on my device (mobile phone/ computer) to use any landing page and application(s) for applying and using your products?

By activating the listed accesses, you provide the opportunity for access to your personal data, as well as the personal data of your relatives and acquaintances. Therefore, the decision whether to activate specified accesses for an application should be made by you personally as informed, specific (for each individual application/ functionality), taking into account type and nature of the information stored on your device.

Access to location: By providing access to your location, you can be easily tracked, and additional information can be obtained, such as the reason for being in a specific place, what you are doing at a particular moment, with whom you are, and other information that could be maliciously used against you and your acquaintances. Gathering information about you occurs in real-time through the so-called GeoTag. GeoTagging is an automated device functionality that process location information embedded in the photos you take at the time of capturing them. When you post photos on social media and they reach cybercrime offenders – they may be either downloaded by third party directly or forwarded to such individuals, so you can be easily physically tracked.

Example: Your location is necessary for using some social media or specific functionalities within apps, such as checking in at places you visit, navigation apps, weather forecast apps, etc.

Microphone Access: Granting access to your device's microphone allows easy recording of your conversations and ambient sounds in your surroundings. This recording can be done even when you are not actively using your device. Be aware when providing this type of access and provide it only to trustworthy applications that genuinely require microphone functionality.

Example: Access to your device's microphone is required by applications such as music apps, music recognition services, voice recording, etc.

Access to the camera/ gallery with photos and videos: By granting access to your device's camera/ gallery, the content in your gallery can easily be used for cybercrime without unrelated to the purposes for which you have allowed access. Additionally, the camera can capture photos and videos, even without your knowledge, which may end up on the internet and be used to your detriment and for the benefit of unscrupulous individuals.

Access to contacts: By granting access to the contacts stored on your device, the personal data of your contacts (names, phone numbers, email) can easily be used by unscrupulous individuals to send unsolicited messages (spam) on behalf of your contacts to third parties. It can also be used to send false email messages (phishing).

Given the above, it should be noted that when granting access to your device, it does not necessarily lead to unfavorable consequences for you. The requirement for access to your devices, their functionalities, and the various types of information contained in your devices is necessary for the proper functioning of the applications you use. When granting access to your device, for each specific case, you should be guided by whether and what kind of access is necessary for using the respective applications. Only in this way will you be able to control and reduce the risk of unauthorized and unscrupulous use of your device and the personal data of you, your relatives, friends, and acquaintances contained therein.

How can I tell if the emails I receive from your name are genuinely sent by you?

The emails you receive are not sent by us when:

  • The subject is formulated to capture your attention and prompt you to follow a link contained in the email or open an attached file;
  • They create a sense of urgency and immediacy, often containing instructions for action similar to the following: "Due to detected unauthorized access to your profile, it is necessary to change your password. To do this, follow the link below;
  • They are sent from a public email service – such as,,, and others. Typically, companies register and use their own domains instead of using public ones.
  • The company's name is not specified in the domain address – you can check the sender's email address and whether it contains the name of our company by referring to the "From" field, where the name chosen by the sender is displayed when you receive an email.
  • Example of a fake email address for a company named "FinBank;

Example of a legitimate email address for a company whose name is „FinBank“:

From the examples provided, it is evident that the genuine email for a company named "FinBank" is the one that includes the company's name in the domain;

  • The displayed domain contains: altered letters, added letters, symbols, and others;
  • The textual content of the message has numerous spelling, grammatical, semantic, and other errors, usually due to translation from a foreign language, performed using an automatic translator such as "Google Translate “.

When is a password considered secure?

We witness breaches in the systems of global and Bulgarian companies and administrative bodies, including the leakage of personal data from these companies and entities, including in the financial sector.

As a result of in-depth analysis conducted by market-leading technology experts, it turns out that the old 'complex' passwords are no longer effective.

The rule: a digit, capital letter, symbol, and more than 8 characters, which we all know well, is no longer the most secure way to create passwords. The reason for reducing the level of security of passwords created by this rule is that people consistently start creating passwords like 'P@ssword123', which meet the complexity requirements but are extremely easy to guess in a hacker attack. Very often, people use passwords that contain their personal information, which is also easy to guess.

Therefore, following best practices, we recommend creating passwords that are easy to remember but difficult to guess, containing a Pass Phrase – i.e., a combination of words (phrase) that make sense to you, such as a favorite phrase, proverb, or a memorable phrase from a favorite book, like 'purplecatpearsharvest.' Creating a password in this way allows it to be used for a longer period (half/one year) without the need to change it every 30/60/90 day, as is the most common practice.

When creating passwords for various personal purposes, we also advise you to:

  • Create passwords that are more than 14 characters long, optionally including numbers and/or symbols in the combination of words, if desired.
  • Do not write down or record your access passwords.
  • Do not send passwords via email, Viber, Messenger, WhatsApp, or other chat applications, or through SMS.
  • Use two-factor authentication for your profiles.
  • Do not share your password with others, including your close ones.
  • Use password generation and management software if you are unable to come up with reliable and unique passwords on your own.
  • Periodically replace your old password with a new one to minimize the possibility of unauthorized access to your profile(s).

Given everything above, we use the following analogy for passwords: Passwords are like toothbrushes – choose a good one, don't share it with anyone, and change it regularly.

When is the use of websites safe?

As part of a group with a significant contribution to the digitization of the financial sector, we offer remote services to our clients using web pages.  

Based on the above, we would like to advise you:

  • Always access our website by typing its address into the address bar of your browser (not the search engine).
  • Be cautious of suspicious emails. Do not click on links sent via email or in attached files, as they may contain malicious software that could infect your computer.
  • Never follow links in an email supposedly sent by us without prior notification, as such links may lead to sites with dubious addresses that might request your user names, passwords, bank account numbers/cards, PINs, expiration dates, or CVVs for bank cards, and other access-related personal information.
  • Regularly update your device's software and the browser (search engine) you use.
  • Never log into your accounts through public Wi-Fi networks.
  • Activate notification features, where available, for access to your profiles from a device different from your usual one. This way, you can track unauthorized access to your profiles and have a better chance of protecting your personal information.
  • Always choose a "strong" password – see the section "When is a password secure?"
  • In case of any doubts, contact us

When is a website secure?

When using the internet, including actions related to the use of your money, it is good to keep the following in mind:

  • If the URL in the address bar starts with "https://," the presence of "s" indicates that the site uses an encrypted, secure client-server communication connection. The absence of "s," i.e., when the site starts with "http://," means that the site does not use a secure connection. When a site does not use a secure connection, a malicious actor can track or modify the information you send or receive through that site.;
  • If there is an icon with a padlock image in the browser's address bar, the locked padlock signifies that the respective page is secure because it uses a certificate for encrypting communication. The principle of issuing encryption certificates is that an individual certificate is issued for each specific web page. Clicking on the padlock icon brings up a window with various functions, including the ability to see the true address of the site and information about the validity of the encryption certificate. Even if there is an icon with a padlock, we recommend exercising caution when sharing information online;
  • Be cautious of dangerous websites that put at risk the information you might share through them. Dangerous sites are marked with a red warning message on the page or a red glowing address bar, allowing you to recognize that the specific site is hazardous;
  • Online purchases – do not shop on websites of unknown merchants and do not buy brands that are not established on the market. Check the reviews from other users who have used the services of the respective merchant or purchased goods from the specific brand. If the merchant's website lacks information about the merchant, contact details (email, phone, address), or a contact form, this should be a signal that you may have come across a site of a non-existent merchant, and the site may be created by individuals whose goal is to obtain your personal information – bank account numbers, payment card numbers, and more. If you want to use the services of the merchant despite the lack of contact options, it would be advisable to try to make additional checks on the existence of the merchant (for example, by searching by name on the website of the Registry Agency - Commercial Register - and its reputation. A sign of whether the mentioned individual as a merchant is active or not can also be the presence or absence of terms for delivery and return of goods and what they are. We also recommend keeping a record of the transfers you make for purchasing goods;
  • Always be cautious when encountering overly enticing offers, as they often attempt to provide fake, low-quality, or non-existent goods or make attempts to deceive – transferring money and/or collecting your data such as email addresses, passwords, and bank card information;
  • Shortened links – when you come across such a link, even if it's sent by someone you know or a close acquaintance, don't rush to open it before attempting to learn more information about the site to which the shortened link would redirect you. In the case where the shortened link is sent by someone you know, their profile might be unlawfully accessed by malicious individuals who send shortened links from their profile to their contacts. To check the site to which the shortened link leads, hover the mouse cursor over the link without clicking on it. This way, the full and true address to which the shortened link would direct you will be displayed, allowing you to determine whether the address is created to harm you or not.

What is the essence and benefit of two-factor protection for my profiles?

Two-factor protection for your profiles involves a two-level identity verification process – the first level is the password to access your profile, and the second level is an additional one-time code. Such a code is generated each time you log into your respective profile and can only be used once, typically valid for a specific period after its generation. This way, the one-time code ensures that your profile cannot be accessed even if someone learns your password, as they won't have the generated code to enter.

An example of two-factor authentication is the option provided by some companies, such as Google, Facebook, and others, to their users. Two-factor authentication for profiles has also been implemented by most banks and financial institutions, especially when conducting financial transactions through their online channels. In these cases, to access your profile or initiate a payment to another account through online banking, you'll need to confirm your action with a mobile token or digital certificate and an SMS code.

The additional security code can be obtained through:

  • Short Message Service (SMS): You will receive a text message on your phone containing the code. After entering this code, you can access your profile.
  • Using applications designed to generate codes.
  • Email notification containing the code.

What are the risks for me if I use public Wi-Fi networks?

Public Wi-Fi networks, along with their advantages, have several disadvantages. The benefits include being a convenient, easy, and usually free way to access the internet. Public Wi-Fi networks are particularly tempting for use when you want to save your mobile data or for children whose internet access is typically restricted by their parents.

The drawbacks of public Wi-Fi networks are less known but can lead to several adverse consequences for you, potentially outweighing the benefits mentioned above.

It is important to know that when using public Wi-Fi networks, access to them is just as easy for individuals who wish to harm other users. Through these networks, your personal data can easily become public property. In some cases, malicious actors create fake Wi-Fi networks with the goal of monitoring the traffic of all users who attempt to use them.

If you want to use a public Wi-Fi network, it is advisable to follow the following principles:

  • Make sure the website uses a secure connection – see the section "When is a website secure?"
  • Avoid opening websites that require you to enter your personal data, such as passwords, card numbers, and others. Also, avoid logging into your profiles.
  • Do not allow sharing of data (documents, photos, etc.) from your smart devices while using a public Wi-Fi network because any network user can see them if they wish. Among the options to limit data sharing, there is usually an option called "network discovery" that should also be turned off to prevent your device from being 100% visible on the public Wi-Fi network.
  • Use the most up-to-date antivirus software.
  • Clear the cache and cookies from the browsers you use on your devices, and ensure that your browsers are updated to the latest version.

What are your domain addresses?

Our domain address is:

Be cautious about the websites you visit, and trust only the legitimate ones!