Skip BreadcrumbHome / Security / False messages using the name Millennium bcp

Watch out for strange emails

Identify emails  

We have been alerted that several Clients and non Clients received e-mail messages supposedly sent by Millennium bcp with the subject "Millenium bcp - Nova Mensagem - XX/10/2017", "Alerta bcp - Apoio ao Cliente”, "Millennium bcp Aviso ("número")" e "Millenium bcp - Nova Mensagem - XX/09/2017”, telling the Client to open the links as you can see below:

Identifique os emails

"Millennium bcp
Nova Mensagem - XX/10/2017"
"Alerta bcp
Apoio ao Cliente"
"Millennium bcp
Aviso (número)"
"Millennium bcp
Nova Mensagem - XX/09/2017"

It represents another case of Phishing wherein when you access the link,
a login page similar to the one presented by Millennium bcp,
but located at another website (URL), appears, indicating "estamos a atualizar os dados dos nossos clientes":

After you enter the User Code, the page requests 4 random positions of the Multichannel Code,
and afterwards another 3 positions
, as well as an Authorization Code received by SMS in order
to proceed with the false "ativação da aplicação de segurança" (activation of the security application),
which does not exist on our website, and the Authorization Code obtained is to confirm fraudulent transactions
that are currently being executed by the attacker, as shown in the sequence of screens below:

Please reminded that...

To access Millennium bcp's homebanking services the Bank NEVER requests your mobile phone number or the installation of security software;
Whenever you access your bank accounts through the Millennium bcp website, check if the address starts with (for the Individuals access) and (for the Companies access) and that, at the end of the address bar, a lock is shown, as follows:


Millennium bcp always sends electronic messages without links;
The Millennium bcp's website is accessed using a User Code and three random positions of the Multichannel Code and Millennium bcp never requests the installation of software/security apps (or other), therefore any such request is a fraud attempt;
Carefully read the SMS received containing the Authorisation Codes since the transaction data are identified in the SMS;

Additional information

  • Phishing aims to, abusively, steal personal data through messages that take the user to fake websites, imitating those you usually access and requesting that you enter confidential data;
  • Analyse the e-mails you receive before opening them, always confirming the source, the subject and the spelling and, if you remain with doubts, delete the e-mail without opening it;
  • Avoid opening links to external websites as well as opening executable files;
  • Never provide personal information or data in an e-mail reply;
  • Install (if you haven't done so yet) an antivirus software and update it regularly.

Remember: The protection of your assets and of your computer depends on you!

If you ever find something out of place at or if you need further information
please call us on 91 827 24 24 / 93 522 24 24 / 96 599 24 24 / +351 21 005 24 24 (from Portugal or abroad)
(Personal Assistance 24/7).

Individuals - Security information Companies - Security information