#1 Protect your computer, tablet or phone. 

• Set passwords and create screen lock sequences so that your device cannot be used by third parties.
• Don’t allow websites or applications with confidential information to launch automatically, without you needing to log in.
• Keep the operating system, antivirus and antispyware programs up to date on all your devices.
• Always keep your browser up to date.
• Don’t click on links or download content from unknown sources.
• Don’t use public or unknown wi-fi networks.
• Never leave your devices unattended.

#2 Protect your data.  

• Don't share your passwords with third parties.
• Choose passwords that aren’t too obvious (for example, never use 123456, ABCDEF, QWERTY) or that are not associated with easy-to-obtain personal information (such as birthdays, children's or spouse's names, mobile phone numbers).
• Don't use the same password to access the home banking service or apps of your bank or other payment service provider that you use to unlock your device or for social media connections, for example.
• Don't write passwords and other confidential information on paper, or send or save that information in email messages or on your phone.
• Use an offline password manager, such as Keepass.

#3 Access your bank account securely via the internet (home banking).

• Always enter your home banking service’s URL, rather than using a link, addresses saved in your “Favourites” or “History” or search results from search engines.
• Check that the address you've entered is the bank’s official website address.
• Check that the website address begins with “https://” and that a padlock appears at the end of the address or in the bottom bar of the window. If this is not the case, the site is not secure.
• You can test whether the site is secure by using the “wrong password trick”. On the first attempt to access the site, instead of your usual login, enter an incorrect password. If it's accepted, this means that the entity in question is not checking your login (i.e., it may just want to collect the password you type in order to misuse it).
• Ensure that you enter your home banking password and other authentication elements in a private place and that you're not being watched.
• After using your home banking service, log out and exit the internet page of your bank or other payment service provider by clicking on the icons provided for that purpose. Confirm that you need to log in again to access the page.

#4 Use your bank’s app safely. 

• Only install apps from official app stores. Not all apps are safe and may contain malicious software.
• Read the reviews of apps carefully before downloading them. Some apps have names and images that are very similar to the apps of banks or other payment service providers, purposely created to mislead users.
• Check the website of your bank or other payment service provider for information on the app you're downloading and follow the configuration instructions given.  
• Confirm which authentication elements you are asked for each time you access the app of your bank or other payment service provider and be wary if you're asked for additional information.
• Ensure that you enter your password and other authentication elements to access the app of your bank or other payment service provider in a private place and that you're not being watched. When possible on your device, use biometric authentication elements (e.g. fingerprint or facial recognition), which are elements that cannot be appropriated by third parties.
• After using the app of your bank or other payment service provider, make sure that you've logged out correctly and that you need to log in again.
• If in doubt, contact your bank or other payment service provider immediately via the usual channels; they will be able to help you. 

#5 Use payment applications (payment apps) operated by third parties (for example, MB WAY, Apple Pay, Google Pay, Garmin Pay, Fitbit Pay, Swatch Pay) safely. 

Find out which third-party payment apps your bank or other payment service provider offer. You can use these apps at the same time as the app of your bank or other payment service provider. 

Read up on the features of the payment app you want to use, including the operations it allows and any fees you may be charged.

• Only install apps from official app stores.
• When signing up for the app, only add your phone number, if applicable. Never associate a third-party phone number with your payment app, as doing so may allow an offender access to your information and/or funds.
• Ensure that you enter your password to access the payment app in a private place and that you're not being watched.
• When carrying out transactions with the payment app, make sure you're using the correct feature and carefully read the notifications you receive on the app before accepting them. If your payment app allows transfers, be especially careful if you receive a “money request” notification; by accepting, you are authorising a transfer of money from your account to someone else;
• Never share your payment app access information or transaction authentication codes with third parties.
• If you receive a notification for a transaction you haven't made, contact your bank or other payment service provider immediately via the usual channels; they will be able to help you.

#6 Remain vigilant.

• Check your account movements regularly.
• Check the date and time of your last access to the home banking service or app.
• Activate transfer and debit alerts or other security mechanisms provided by your bank or other payment service provider.
• If you receive a suspicious email or SMS supposedly from your bank, use the official contact details of the bank or other payment service provider to check its authenticity (and never the contact details provided in the suspicious email or SMS).
• Save the direct contact provided by your bank or other payment service provider to the contact list of your mobile phone. By doing so, if you detect any irregularities, you will be able to contact them more quickly.
• Remember that your bank or other payment service provider will never ask you for your access information to their home banking service or app by phone, email or SMS. 

#7 If you suspect fraud, take appropriate action.

• Contact your bank or other payment service provider immediately if you notice movements you haven't authorised or don't recognise by using the contact details provided by your bank or other payment service provider, or the contact details on the list of payment card issuers published on the Banco de Portugal’s website.
• Request immediate cancellation of your access credentials to the home banking service or app of your bank or other payment service provider and, if applicable, of your payment card.
• Report the situation to the nearest police authority (PSP, GNR or PJ) or the Public Prosecutor's Office.

#8 If you lose your payment card or any security element, report it immediately to your bank.

• Immediately report the theft, robbery or misappropriation of your payment card, home banking or app access credentials or any security element used to carry out financial transactions through these channels to your bank or other payment service provider.
• If unauthorised payment transactions are carried out before you inform the bank or other payment service provider, you may have to pay up to €50 at most.
• In fraudulent or grossly negligent situations, you may have to pay an amount of more than €50.
• If your home banking service or app access credentials or those your payment card are lost, stolen or misappropriated, and you have alerted your bank or other payment service provider to this, you are not obliged to pay any unauthorised amount removed after this alert.