Security and phishing

Phishing (a derivative of the word fishing) is a method used by fraudsters where they – using e-mails as a bait to fish unsuspected users - gain unauthorised access to their card and PIN information. In case of phishing, special attention is to be paid to the web page the user is browsing at the moment (address in the upper left corner: www...).

All users who receive such or similar e-mails are urged not to disclose any of their personal information, and to notify the bank immediately.

For the reasons of security OTP banka never requires its client to disclose such information, and we would therefore like to warn our clients about the danger of such messages, and serious consequences that disclosing of one’s card information or PIN can have. If you receive such a message, you should under no circumstances reply to it. We cannot stress enough that the bank that has issued the card does not know, is not entitled to, and would never ask for one’s PIN, and would never ask for the card information this way. Security systems of Croatian banks are top notch. Still, every client must take care of the card data protection on daily basis, and observe the Safe Use Instructions that can be found on the web page of OTP banka, and the General Terms and Conditions of Card Use. This means that the PIN number is not to be disclosed to anyone, the card data are not to be revealed to third parties, and special attention is to be paid to security of the computer used to access the Internet.


When visiting OTP banka Internet site and using its internet banking, make sure your computer is connected to the OTP banka server. To that end, please check the following:

  • The address (URL) of the site you are visiting is one of the following: ... ... ...

  • Look for the VeriSign digital certificate confirming the authenticity of the server you are communicating with.