Internet Fraud (Phishing or Smishing)

Phishing (as in data fishing) is defined as an attempt by hostile parties to steal customer identity details for the purpose of exploiting this data. Examples of sensitive identity details include: credit card numbers, access passwords to a bank accounts or other personal details.

As part of the rising global trend of customer data theft and unauthorized use of this data, we have witnessed numerous attempts using sophisticated and cunning means to pilfer data and details. One of the methods used is based on sending fictitious email or SMS messages, allegedly from the bank, which sometimes include requests for details or provide links to fraudulent websites.

How is phishing performed?

Usually through fictitious email or SMS messages sent ostensibly by Mizrahi-Tefahot in which a customer is requested to update details or confirm details identifying his/her bank account via email, SMS, or via a website posing as a bank website.
This phenomena is known as phishing (data fishing) in case of email messages or smishing in case of SMS messages - enticing a customer to provide confidential details that may help in identity theft and unlawful use of this data.
Mizrahi-Tefahot does not request personal data from customers about their bank accounts, or about the passwords used to access bank systems.
If you received an email or SMS message purportedly from Mizrahi-Tefahot, asking you to provide account details or identification details for Internet services, we request that you report this to the Mizrahi-Tefahot's Technical Support Center at telephone: 03-6011000.

Signs of email or SMS fraud

Email or SMS message explicitly requesting that you send identification details.
Urgent messages informing you that "your account will be closed if you do not update your identification details immediately".

How to protect yourself against identity theft via email, SMS or Internet?

  • Delete messages received from unidentified sources.
  • Avoid accessing links sent via email or SMS, especially ones asking you for personal details or financial data.
  • We recommend that you type in the bank's website address directly and not enter the website via links. The bank's website address is http://www.mizrahi-tefahot.co.il.
  • Closely examine email messages that direct you to a Mizrahi-Tefahot website, and verify that they were indeed sent by authorized parties at the bank.

Safety Precautions

  • Do not send personal details via email or SMS (user name, password, account number, credit card number, etc.) to anyone, even if they identify themselves as workers of the bank or someone on the banks behalf.
  • Each time you access the Mizrahi-Tefahot website via a link in an email or SMS message, verify that you have actually reached the banks authentic website. The address of the Mizrahi-Tefahot website for executing account transactions is www.mizrahi-tefahot.co.il.

Tips for minimizing the risk of fraud

  • Never give details about your bank account, credit card or ID number to parties that you have not identified and verified or that have contacted you, especially by phone.
  • Save credit card payment receipts, since some receipts may include your credit card number
  • Never give your Internet service password to anyone, including to Mizrahi-Tefahot employees
  • It is advisable not to keep your password in an unconcealed location
  • It is advisable to access your bank account, check your account status and change your personal password frequently
  • Immediately report the loss or theft of credit cards, checkbooks or any other means that can be exploited

Reporting identity theft suspicions

In any case you suspect unauthorized use of your bank account, please inform the bank immediately, via your preferred channel:

  • Call a Mizrahi-Tefahot representative: *8860
  • Call the Technical Support Center: 03-6011000
  • Mail to abuse@umtb.co.il (do not provide confidential details such as your account number and name in the email message)