We’d all like to think we’d never fall prey to a scammer or phishing attempt. And yet, phishing and stolen credential attacks are still the most common types of attacks online. Scammers are getting smarter every year, so it’s important to stay one step ahead.

Bank accounts and card credentials are always a popular target. That’s why it’s extra crucial that you follow the best practices for keeping your Vivid account safe. Here are our tips on how to do that.

Recognise Phishing Attacks 

Phishing attacks work by convincing you they’re benign or official communications from a trusted sender. These can be phone calls, or SMS but are more often emails, designed to look like they came from Vivid or someone else you trust. 

Often, these emails or SMS will have a link to click, and an urgent appeal to correct something. This is done to create a sense of panic in you, stopping you from being careful and looking more closely. 

Be sure to check all the parts of the email or SMS: is the sender using the correct domain? Vivid emails come from a vivid.money domain. We’ll also never call you, but only get in touch via chat or email. Nowadays, fraudsters can even send you SMS claiming your credentials directly in the same thread where we usually send you SMS. Remember: we'll never ask you to share your login details with anyone, not even with us directly. Always use your Vivid app to log in to your bank account.

If you’re suspicious about an email or an SMS, never click on a link in it. Instead, get in touch using our chat in the Vivid app, and confirm there’s an issue with your account that way. ‍

‍

Never reuse passwords ‍

‍

You’ve heard this one a million times, and yet it can be tedious to come up with a new password every time you create an account somewhere. 

But with the advent of password managers, there’s no excuse anymore. Whether you’re using Google, Apple, 1Password or any other service, it’s easy to generate a strong password, save it, and have it autofill, saving you the trouble of remembering it. It’s one of the best ways you can make sure scammers don’t get access to one of your old passwords and try to log in to various services using it. 

You should also regularly check whether your email or password has appeared in data breaches before. HaveIBeenPwnd is a great service for that. It collects the data from every publicly known data breach and lets you check your data against it. If you see a password you’ve used come up, it’s time to change it. ‍

‍

Use strong two-factor authentication‍

‍

A strong password is a good first step, but even the strongest password can fail if a data breach occurs. That’s why two-factor authentication is so important. It requires an extra step, usually a text message or authentication app on your phone, before letting you log in to a service. 

You should have two-factor authentication on for all services that offer it, but especially for your important services such as your banking and email. If possible, use a token or app-based authentication instead of an SMS-based one, though either is preferable to using nothing. ‍

‍

Take action if you suspect fraud‍

‍

If you follow these steps, you’ll already be going a long way in protecting yourself from scams and phishing attempts. But there’s no such thing as perfect security, so you also have to stay vigilant in case the worst does happen. 

You can always freeze your card in the Vivid app. It’s a good idea to freeze a virtual card if you haven’t used it in a while, in order to prevent someone from misusing it. And if you need to, you can get a new virtual card issued with fresh credentials anytime as well, for a €1 fee.

If you suspect fraud on your Vivid account, get in touch with us immediately, so we can help you as fast as possible. You can block your entire account by emailing [email protected] if you’ve lost your phone or access to the Vivid app.