Skip to main content

What to Do if You Get a Suspicious Request for Personal Information

Fraudsters sometimes use email, SMS or social media platforms to pose as legitimate organizations in order to trick users into sharing personal information. This can be referred to as phishing. Phishing is a type of cyber attack or scam where fraudsters use emails, texts or phone calls in an attempt to collect personal, private information – including banking information.

Phishing emails often appear to be from legitimate companies and can use official logos. If you receive an email that says it’s from Capital One, but it seems suspicious, it’s important to remember that we’ll always reach out to you from a credible email address and will never ask you to provide sensitive information.

If you’ve received a suspicious communication that targets you as a Capital One customer, do the following:

  • Do not respond or engage with the sender. Capital One will never:
    • Ask you for your personal identification number (PIN) or online banking password 
    • Ask you for your Social Insurance Number
    • Make spelling or grammatical errors in written communications to you
    • Use fear tactics to get money or gifts from you
    • Make threats to suspend your account or claim your account has been compromised
  • Forward the communication to
  • Provide as much detail and background information as possible, including screenshots if available
  • After forwarding the email to Capital One for investigation, delete it
  • Be sure to monitor your account and call the number on the back of your card if you notice any unusual activity