Email is one of the easiest things for a fraudster to fake, so it pays to know what a genuine message from us looks like and what we would never do. No single sign is foolproof, so use these checks together.
Check the sender carefully
- Look at the full email address, not just the display name. Fraudsters often use a name that reads correctly but an address that is subtly wrong.
- Be wary of addresses that add extra words, use a different domain, or swap letters and numbers.
What we would never do by email
- Ask you for your portal password or your two-factor code.
- Demand an urgent payment to a new account.
- Pressure you to act within minutes or threaten immediate consequences.
Treat links and attachments with care
Rather than clicking a link in an email, go to your portal directly by typing the address yourself or using a saved bookmark. Be especially cautious with unexpected attachments, as these can carry malware.
When in doubt
If anything feels off, do not reply or click. Contact us through the verified details on our official website or in your portal, and we will confirm whether the message was really from us.
See also: How do I spot a scam pretending to be from Credicorp?, How to spot a fake firm using the Credicorp name and Changing your communication preferences.