Anti-Phishing advice

How to protect yourself against attempted fraud

Fraudsters constantly try to steal personal data using emails with falsified addresses. Criminals operating on the internet particularly target account data with these so-called “phishing” attacks, whether it be account numbers, personal information, passwords, PINs or TANs. The emails direct you to internet sites that often appear to be deceptively genuine. Please report such suspicious emails to wrnnghlbd

As an account holder, how do you recognise suspicious emails?

  • Emails from unknown senders should be viewed critically or ignored.
  • Take a careful look at the sender, even if the name seems familiar at first glance. Have the whole email address displayed and watch out for inconsistencies.
  • Read the subject line and main body of the email carefully. The presence of numerous typing errors, incorrect grammar or unusual forms of expression are potential warning signs.
  • Exercise caution if an email contains unusual requests or instructions. For example, if your access to online banking has been “blocked” or if you are requested to “check/verify” it; or if it apparently necessary to carry out an “account verification” process.

Do not follow instructions in suspicious emails. Most importantly, never share your PIN or TAN numbers, disclose your online banking access data, click on a link in an email and then enter your account details. Neither Helaba nor your Sparkasse will ever ask you to do this, whether by email or personally in a telephone call.

How do you recognise genuine Helaba webpages?

  • Pay attention to the address field: It will say https:// instead of http://. This is because the online banking webpages are always encrypted.
  • Check to see if your browser is displaying the lock symbol.

What can you do to prevent phishing?

  • Always enter the online banking address by typing it in yourself.
  • Use an up-to-date virus scanner and, if possible, a firewall.
  • Avoid carrying out banking transactions on publicly-accessible computers.
  • Choose complex passwords and do not save them onto your computer.
  • Be careful about sharing personal data, such as in social networks. Fraudsters capture such data and use it to gain your trust.
  • Set up user accounts, even if you are the only person using the computer. If possible, do not log on permanently as an “administrator”.

Please forward any suspicious emails about online banking to wrnnghlbd. In this way, you will be helping to identify servers used by the fraudsters and to prevent further damage.

Do not be surprised if you do not receive a personal reply to such forwarded emails. We would like to thank you very much today for your future support!

Your choice

When we make our website available to you, we use cookies. 

Some are necessary to help our website work properly, and can't be switched off. And some are optional, but support us in order to improve your experience during your visit.

Are you happy to accept cookies to improve our website?


cookie [publisher]purposestorage period
_et_coid [etracker]statistic: cookie detection2 years
allowLoadExternRessources [helaba]statistic: Saves the user decision that external components may be loaded automatically.30 days
allowTracking [helaba]statistic: Saves the user decision that visitor behavior may be tracked.30 days
BT_ctst [etracker]statistic: Is used to detect whether cookies are activated in the visitor's browser or not.session
BT_pdc [etracker]statistic: Contains Base64-coded visitor history data (is customer, newsletter recipient, visitor ID, displayed smart messages) for personalization.2 years
BT_sdc [etracker]statistic: Contains Base64-encoded data of the current visitor session (referrer, number of pages, number of seconds since the beginning of the session), which is used for personalization purposes.session
disclaimer_disclosureRequirements [helaba]necessary: Verification when accessing certain (sub) areas of the websitesession
disclaimer_residenceGermany [helaba]necessary: Verification when accessing certain (sub) areas of the websitesession
hideCookieNotice [helaba]necessary: Saves that the cookie or data protection notice will not be requested every time you visit.30 days
isSdEnabled [etracker]statistic: Detection of whether the visitor's scroll depth is measured.1 hour
WSESSIONID [helaba]necessary: Standard cookie to use with PHP session data.session

You can find out more in our data policy.