Security recommendations

BBVA offers you all the means at its disposal to guarantee secure operations through a secure password system.

The PIN of your BBVA card and the PIN for accessing BBVA.pt are private keys that must be stored securely. They are stored in an irreversible encrypted format in our internal systems so that no one at BBVA can learn them. 

BBVA will never ask for your BBVA.pt credentials or any other personal or banking information by email or SMS. If you receive a message of this type, please do not provide this information through these channels.

Browsers allow you to store user codes and passwords for the websites you access. BBVA recommends never storing your login passwords for our Distance Banking service on a computer or tablet. These devices can be subject to computer attacks and your passwords could be exposed.

BBVA's advice

  • Use complex passwords that are difficult to guess, containing upper and lower case letters interspersed with numbers and symbols.
  • Passwords are secret, so do not share them with anyone and change them regularly.
  • Do not write down passwords on post-its or notepads. Memorize them or use specialized password managers.
  • When using computers that are shared or connected to public Wi-Fi networks, do not enter your access credentials or provide personal data, such as your postal address, telephone, etc.
  • Whenever possible, we recommend that you enable two-step authentication for services that allow it. These are systems in which, in addition to the login password, another type of identification is required (e.g. a code sent to the cell phone). This system adds another layer of security to your accounts.
  • If you receive a confirmation via SMS for an operation you did not perform, immediately contact your Adviser or the BBVA Net and Card Helpline on 800 208 208 (+351 21 391 14 11 from abroad).

What is Phishing and Smishing?

Phishing is an email attack in which someone sends you an email impersonating an entity in an attempt to trick you into providing your passwords.

Smishing is similar but through SMS or WhatsApp: all you have to do is reply in order for them to access your data.

How do I avoid these attacks?

BBVA will never ask you for your bank details through any channel other than the BBVA Mobile website or app. 

  • Check if the subject or body has spelling mistakes and always look to see if the sender's email address contains bbva.com or bbva.pt.
  • Keep in mind that a secure website always begins with https:// and be wary if the URL is misspelled or has strange symbols, e.g. www.bb-va.informac%o.com. 
  • Remember that if you have any doubts, before clicking on any link or downloading any file, it is best to contact your Adviser or the BBVA Net e Cartões Helpline on 800 208 208 (+351 21 391 14 11 from abroad).

BBVA offers you all the means at its disposal to guarantee security in your operations with your BBVA Cards.

BBVA cards can be activated on BBVA.pt or through the BBVA Helpline on 707 256 256 (+351 21 391 14 16 from abroad), available Monday to Friday from 7 am to 9 pm and Saturdays from 9 am to 9 pm.

BBVA cards can be cancelled through the Digital Channels, BBVA.pt and the BBVA Mobile app, or through the BBVA Net and Card Helpline on 800 208 208 (+351 213 911 411 from abroad), 24 hours a day, 7 days a week.

BBVA's advice