Fraudsters phishing for customers’ information by referring to a refund

OP’s customers have been sent phishing emails in OP Financial Group’s name.

These messages may claim that the customer is entitled to a refund. The link in the message may direct you to a phishing website resembling the op.fi service where you are asked to enter, for example, your online user ID and your password. The purpose of these messages may also be to phish for the online user IDs of other banks.

What to do if you suspect that you have fallen victim to a phishing email

If you suspect that your user ID has fallen into the wrong hands, please do as follows:

  • Deactivate immediately your OP eServices user ID by calling our Telephone Service at 0100 0500.
  • Outside service hours, deactivate your user ID by calling OP Deactivation Service at +358 100 0555 (24/7).
  • Also, remember to call our Telephone Service during service hours to report the incident.

Never use a link received by email to log into an online bank

Never use a link received by email or SMS to log into an online bank. Never give or disclose your user ID, PIN code or key codes to anyone – even a bank or the authorities will never ask you for these by SMS, phone or email in connection with, say, verifying information. If you are uncertain about anything, always contact our Customer Service first.

Are you sure you’re on the genuine OP website?

  • The bank will never send you a link to any website that would require you to log in with your online user ID or give your card details. Only criminals do so. 
  • If you are uncertain about the legitimacy of the message you have received, always contact your own bank first before doing anything else. Do not open the link or any attachments before checking with your own bank’s customer service. 
  • Check the browser’s address bar to ensure that you are connected to the right address, and that the address is protected. 
  • Click on the padlock in the address bar to view the website’s digital certificate. Check the following: 
    • The website's certificate has been issued to OP Financial Group (e.g. OP Osuuskunta). 
    • On the genuine OP website, the certificate states the address www.op.fi and in OP Identity Provider Service the address saml-idp-op.fi. 
    • The certificate is valid. 
    • The issuer/publisher of the certificate is Symantec, Entrust or DigiCert.

Example of a phishing email: