This week we focus on phishing and social engineering. As a digital-only bank, every interaction we have with customers and colleagues happens online. That makes phishing one of the biggest risks to our business. Criminals will try to trick you into clicking, downloading, or sharing information they can use to get into our systems. 

• Phishing is the top entry point for cyberattacks. One careless click can expose sensitive data or let attackers into our systems. 
• Social engineering works by exploiting trust. Criminals pretend to be someone you know or act as if they’re in authority to pressure you into giving access.
• Every email, link, and attachment must be treated with caution. 
• Reporting is just as important as spotting. If you see something suspicious, flag it immediately. 

Do’s 

• Always check the sender’s address carefully. Small changes like “snappi.bankk” instead of “snappibank” are common tricks. 
• Hover over links before clicking to see the real destination. 
• Report suspicious emails straight away using the phishing button in Outlook.
• Take your time. Urgent demands for action are a red flag. 

Don’ts 

• Don’t enter your Snappi credentials on any site that doesn’t have the official snappibank.com domain. 
• Don’t click on links or attachments from unknown or unusual senders. 
• Don’t respond to messages asking for sensitive information like passwords, one-time codes, or customer details. 
• Don’t assume a message is safe just because it looks professional or uses Snappi branding. 

Phishing and social engineering are simple tricks with big consequences. Cybercriminals don’t need to hack our systems if they can convince one of us to hand over the keys. Slow down, think before you click, and always report anything suspicious.  

Visit Knowbe4 for short video trainings:  

• Basics of Phishing 
• 2025 Social Engineering Red Flags 

 Together we’ll keep Snappi safe.