Learn › Scams

In short: Never share passwords, codes or one-time codes, and refuse to be rushed. A genuine bank never asks for your security code; if you are defrauded, freeze the card with your bank and report it.

Spot Scams and Fraud – Protect Your Money

Kontoo editorial team · Updated 06/23/2026

Scammers rely on pressure and urgency so you act before you think. Once you know the patterns, you can see through most schemes in seconds.

  • For any email or text with a link, pause first: real banks never ask you to enter your details or codes through a link.
  • Never share passwords, PINs, one-time codes or confirmation codes — no matter who is calling or how urgent it sounds.
  • Check return promises: high gains without risk do not exist. Pressure, a countdown or an “exclusive coach” are red flags.
  • If you are hit, act at once: freeze your card and account with your bank, change your passwords, and report it to the police.

What matters

The most common mistake is reacting under stress instead of checking. A classic phishing scam: a text says your account is “locked” and a link leads to a near-perfect copy of your bank — enter your login and code there and the criminals drain it in minutes. Investment fraud works the other way, through greed: shady crypto or trading “coaches” promise unrealistic returns, even show fake profits at first, and nudge you to deposit more — a pyramid scheme that collapses. Shock calls (the “grandparent scam”), advance-fee fraud (“pay first, win later”) and fake shops with unbeatable prices follow the same pattern: artificial pressure plus a promise that is too good to be true. Check the sender, the URL and the tone calmly — legitimate organisations always give you time.

ExampleA fake shop offers a console for 199 € instead of 499 € on prepayment — if the goods never arrive, the 199 € are usually gone, and the 300 € you thought you saved was simply the bait.
Keeping an eye on your cards and logins helps you notice anything odd sooner — see bank accounts & cards.

Checklist

  • Never share a code, PIN, password or one-time code
  • Treat pressure and urgency as a warning sign
  • Do not open links from email or text — use the app or official number
  • If defrauded: freeze the card, call the bank, report it

Common myths

Myth: My bank will text me when I need to confirm my details.

Reality: No. No legitimate bank asks you by text or email to enter a code, PIN or password — that is always phishing.

Myth: You can spot a scam by bad spelling and clumsy emails.

Reality: Not anymore. Modern scams use flawless text, real logos and spoofed senders — what matters is the content of the request, not the grammar.

Frequently asked questions

I clicked a phishing link — what now?

Just clicking is usually harmless. The risk starts if you entered details: change your passwords right away, call your bank, and watch your account. If you gave card data, freeze the card with your bank immediately.

How do I tell a real bank message from a fake?

Real banks never ask for a code, password or PIN by email or text, and they never rush you. When in doubt, do not tap the link — open the app or call the official number on the back of your card.

Related lessons

AccountsInvestingPaying off debt

All lessons · Glossary · Editorial · Kontoo does the math and explains – this is general education, not tax, legal or financial advice.

Your data stays with you. Full stop.

Kontoo collects, sees and stores none of your data. No account, no cloud, no trackers, no ads.

No accountNo cloudNo trackingNo ads