One of the simplest ways to stay safe is to know how a genuine message from us looks — and what we will never ask for. If a message crosses any of the lines below, it is not from us.
What we will never do
- Ask for your full card number, PIN or CVV by phone, text or email.
- Ask for your online-banking password or a one-time security code.
- Tell you to move money to a "safe account" — there is no such thing; this is a hallmark of a scam.
- Pressure you to act immediately or keep a payment secret.
- Send you to a website that is not on our list of genuine group domains.
What we will do
- Show a genuine request to pay inside your portal, after you have signed in yourself.
- Contact you about your account by the channels you have agreed, without ever needing your password or a code.
- Be happy for you to hang up and call us back through the official site if you want to check a call is real — a genuine caller never minds.
If anything feels off, do not act on the message. Go to credicorp.co.uk yourself (type it in), sign in, and check your account — or contact us through the official site. A real request will still be there; a scam falls apart the moment you check.
For the tell-tale signs of a fake message, see recognising phishing and smishing, and if something has already happened, see what to do if you think you have been scammed.
See also: Advance-fee and fake loan offer scams, Choosing a strong password for your business account, How do I spot a scam pretending to be from Credicorp?.