Skip to main content

Cyber security and online fraud - what to look out for when making online payments with your card

Due to today’s fast pace of life, people tend to do more and more online shopping. And we understand - it’s more practical, faster and truly fantastic when things just arrive at your doorstep, without having to deal with the hassles of traffic.  But, along with the many advantages of making online payments with a card , there is something you need to look out for - and that is online fraud.  This is why there are a few things you should know so that you can increase internet safety. 

What is ‘cybercrime’, otherwise known as ‘online fraud’?

Cybercrime is a form of criminal behaviour where the perpetrator uses technology and/or the internet to achieve their malicious goals. Most often, online fraud includes stealing a victim’s funds, card information or personal information.  

What types of internet fraud are there?

You receive an email from an attorney’s office operating out of the United States. The email tells you that you are the lucky beneficiary of an inheritance from a deceased aunt. The amount is in the millions, and all you need to do to receive it is to send your current account details. Maybe you receive a message telling you that your package has been retained by customs and all you need to do is to click on the link to complete a transaction, freeing up the package for delivery.  

Maybe you were contacted by an unknown person through Facebook who tells you that making a small investment in crypto currency will make you very rich?

Yes, these are just a few different types of internet fraud. Although they may seem ‘ridiculous and transparent’, many people fall victim to them.  Over the years, cyber criminals have perfected their methods and their messages look more and more realistic, which is why the number of cybercrime victims is ever increasing.  What are the most common forms of internet fraud?

Classic online card misuse

You’ve lost your card or someone else has gained access to your card information and has used it to make an online purchase. This is one of the most common forms of online fraud. 

Fake (e-commerce) website

This too is also a very common form of internet fraud. It’s also known as ‘joint fraud’ because this form of crime is where criminals join forces to commit their crimes.      Everything looks normal and works like it would on any other website but the difference is that these sites are not operating from an authentic e-commerce platform.  Once the user enters their card info, the criminals intercept it and use it to withdraw larger sums of money or to misuse the data.  Often consumers receive products that are much less quality that they appear, but they don’t realise this a first and quite a while goes by before they notice that something isn’t right with their purchase.


Most internet fraud has one thing in common - this is a contest (sweepstake) or other form of gain (unrealistic discounts, etc.). Participation invites are usually sent via social media messaging platforms or email, and it isn’t uncommon for hackers to put up fake banners on different websites that look enticing. 


Phishing is also a popular form of cybercrime.  These are mainly emails/messages that play on urgency - you need to pay for/do/send something quickly or there will be consequences.  Phishing emails are difficult to recognise at first because the criminals who create them make them look like emails from a bank, a well-known company or a social media platform.   Everything looks real, for example: “Someone has tried to access your Facebook account from a new device. Please enter your password and confirm that it was you.” and so on.

Is it possible to increase internet safety when making online purchases?

Although these attempts at fraud may seem convincing at first, there are ways to detect them. Here are a few ways you can protect yourself:

  • Site domain - hacker’s websites, created just for fraudulent activities, look just like your bank’s website at first glance but just one misspelt letter or wrong domain name is enough to recognise it for what it is (e.g., your bank’s domain may be .rs and the link sent to you leads to a website with a .co domain) 
  • An error in the email address - also, pay close attention to the email address of the offers/inquiries you receive, because the only difference between a real email and a fake one could be just one misspelt letter
  • Suspicious links - If someone sends you a link from an unknown email address, NEVER click on the link!
  • Urgency, surprise or an unbelievable prize - If someone is asking you for an urgent response or is offering you something too good to be true, cash or prize, it is definitely fraud. 
  • Language and spelling errors - Even if it sounds unbelievable, given that criminals try to make it all look perfect, phishing emails and websites often have spelling errors and sometimes the messages they contain use two different alphabets (e.g., Cyrillic and Latin). Regardless, sometimes we read things on autopilot, skimming and not paying attention and this is exactly what these criminals are betting on.

How can I ensure the safety of the online transactions I make or how can I increase safety online?  

  • Buy from reputable brands only – if you prefer online shopping, we recommend that you always buy from big brand names with large retail chains. Of course, this doesn’t mean that you should avoid small businesses, but be sure to investigate their social media, website and all other platforms.
  • Don’t lend your card to anyone – the bank issued your card for your own personal use only and if you give your card to others to use you will no longer able to track it.
  • Don’t share your PIN with anyone – if someone else learns your PIN they can misuse your card and the funds on your card without your knowledge or consent.
  • Never take a picture of the back of your card – NEVER send a picture of the back of your credit or debit card to anyone.  This is where the CVV number is located – which is a control number without which it is impossible to make online transactions.
  • Choose the option to have an SMS message sent to you after each transaction – you can initiate this option when opening an account or by calling the Online Centre. This will allow you to always monitor your expenses and to act in the event of fraud. 
  • Reduce your card’s limit – The limit of our cards is set at EUR 5,000, but you can always ask the bank to reduce it. This will allow you to reduce the consequences of fraud if your card or other personal data is stolen.

What does payment card misuse look like?


We’ve already explained that criminals use various methods to gain access to other people’s money. Here are two examples:

zloupotreba kartica

[text message: Your last payment was declined. Please update your account via the following link to continue using our services.] ​

We see that a user received a message notifying them to update their Netflix on demand account. If you have a Netflix account or subscribe to other similar sites, you know that companies such as this never send these kinds of messages but rather emails to the email account you provided to them when subscribing. In most cases you have a standing order to pay for these kinds of subscriptions and you receive a statement at the beginning of each month that shows your payment. And, when you want to cancel your subscription, you do this directly through the company’s website.

zloupotreba kartica

[text message: DHL: your package is located in our warehouse. Please confirm your address and pay the shipping fee to initiate delivery: site] 

This is also a common example. But, the important thing to know is that currier services never send these kinds of messages, and that in most cases, you can track your package via their app. Also, if you’ve ordered something and you do receive this kind of message, it’s best to contact the currier directly to check the status of your package. ​


What happens if you are the victim of online fraud?

We advise that you follow the internet safety guidelines provided here but if you do become the victim of fraud, here’s what you should do: 


  1. Contact us via our Online Centre at 011 2057 000 (for calls made from a mobile phone) or at 0700 700 000 (for calls made from a land line). Our colleagues are available for your 24h a day.
  2. Choose option number 1, Card Issues.
  3. Cancel your card - also, our colleagues will check to see where the online purchase (which website) was made, the time and the exact amount spent (you can request confirmation of this to be sent to your email) 
  4. Fill out the complaint request and send it to .
  5. Your complaint is sent to Mastercard - and you will receive a response within the deadline envisaged in the rules governing credit card companies.


I would also like to know...

Do I need to have an internet payment card to make online purchases?

No, you don’t. You can use our Mastercard to make online purchases. The only thing you need is to be cautious and to follow the guidelines we have provided for you.


To sum up - the point of this text isn’t to convince you to stop making online purchases. Just the opposite. The Internet and technology in general, makes a lot of things easier for us, shopping included, and fraud happens offline as well. The important thing is to take caution and follow these key guidelines.