Search engine scams and phishing emails target online bank user identifiers

Criminals are phishing for online bank user identifiers in two ways: through phishing emails and search engines, such as Bing. From phishing emails and search engine results you are directed to a scam website mimicking the genuine op.fi service.

Do not log into any online bank through a link in search engine results

Criminals have succeeded in getting scam websites mimicking the op.fi service to appear among the top search results for the purpose of phishing online bank user identifiers. User IDs and passwords entered into a scam website end up in the criminals’ possession and are used to attempt fraudulent payments.

When logging into the op.fi service, type the service’s address (www.op.fi) into the browser’s address bar by yourself or use a saved bookmark. If possible, use the OP-mobile app for your banking. 

Read more about secure online transactions 

Read more about search engine scams on the National Cyber Security Centre website (in Finnish)  

Never use a link received by email to log into an online bank    

Criminals have been sending phishing emails in OP Financial Group’s name. These emails may claim that the customer’s card has been restricted for security reasons and ask to open a link.

The link in the message may direct you to a phishing website resembling the op.fi service where you are asked to enter, for example, your online user ID and your password. The phishing website may also be used to gain access to payment cards or online user identifiers of other banks. To our knowledge, some customers of banks other than OP have also received these messages.

OP Financial Group will never send you the kind of confidential email that would include a link requiring you to log in using your online user ID. Never use any link received by email to log into an online bank.  

Never give your user identifiers to anyone – not even a bank or the authorities will ever ask you for these by SMS, phone or email in connection with, say, verifying information. Never download any software onto your device if you are asked to do so by someone whose message you did not expect. If you are uncertain about anything, always contact our Customer Service first. 

If you suspect that your user ID has fallen into the wrong hands, please do as follows:

  • Deactivate immediately your user ID by calling our telephone service. The telephone service for private customers serves at 0100 0500 and for corporate customers at 0100 05151.
  • Outside the telephone service hours, deactivate your user ID by calling OP Deactivation Service at +358 100 0555 (24/7). 
  • Be sure to also call our Customer Service during service hours to report the incident.

This way you can be certain that you are on the authentic OP website

  • The bank will never send you a link to any website that would require you to log in with your online user ID or give your card details. Only criminals do so. 
  • If you are uncertain about the legitimacy of the message you have received, always contact your own bank first before doing anything else.
  • Do not open the link or any attachments before checking with your own bank’s customer service. 
  • Never confirm such payment transactions or a linking to a device that you do not recognise. 
  • Check the browser’s address bar to make sure that you are at the right address, and that the address is protected. 
  • Click on the padlock in the address bar to view the website’s digital certificate. Check the following: 
    • The website's certificate has been issued to OP Financial Group (e.g. OP Osuuskunta).  
    • On the genuine OP website, the certificate states the address www.op.fi and in OP Identity Provider Service the address saml-idp.op.fi. 
    • The certificate is valid.
    • The issuer/publisher of the certificate is Symantec, Entrust or DigiCert.  

Example of a phishing email:

Example of a phishing website: