What should I do if my account has been taken over?
Summary
Do you think someone else has gained access to your Bitvavo account? In this article, you will read which signs may indicate an account takeover, which steps you can take immediately to secure your account, and how you can contact the Bitvavo fraud department.
What does an account takeover mean?
An account takeover means that an unauthorized person has gained access to your Bitvavo account. This can happen, for example, through phishing, malware, a data breach, or because someone has gained access to your email account.
Possible signs of an account takeover are:
- You can no longer log in to your account.
- You receive emails about changes that you did not request yourself.
- Your password, phone number, or two-factor authentication (2FA) has been changed without your permission.
- You see transactions or activities that you do not recognize.
- You receive security notifications for actions that you did not perform yourself.
What should I do if my account has been taken over?
Step 1: Enable the crypto withdrawal lock
If you still have access to your account, we recommend immediately enabling the crypto withdrawal lock. This prevents crypto from being withdrawn from your account until you disable the lock yourself.
Read how to enable the crypto withdrawal lock here:
How can I freeze or unfreeze my crypto withdrawals?
Step 2: Secure your email account
Your email address is often used for password resets and security notifications. Therefore, it is important to first check if your email account is secure.
- Change the password of your email account.
- Enable two-factor authentication (2FA) if this is not yet set up.
- Check if there are any unknown devices logged in.
- Check if there are no unknown forwarding rules set up.
Do you think you logged in via a fake website or did you receive a suspicious email? Then also read:
Is the email I received from Bitvavo or is it phishing?
Step 3: Change your Bitvavo password
If you can still log in:
- Log in to your Bitvavo account.
- Go to "Security".
- Change your password.
- Use a strong and unique password that you do not use for other services.
Step 4: Check your security settings
Check if the following details are still correct:
- Your email address.
- Your phone number.
- Your two-factor authentication (2FA).
- Any trusted devices.
If you see changes that you did not make yourself, contact the fraud department immediately.
Step 5: Check your account activity
Check if there has been any activity on your account that you do not recognize. To do this, view your transaction history and the security logs of your account.
You can view the security logs via:
https://account.bitvavo.com/security/logs
In the security logs, you will see among other things:
- The IP addresses used.
- Which actions were performed.
- The date and time when these actions were performed.
- Through which device the actions were performed.
Check if all activities were performed by you. Do you see an unknown IP address, device, or action? Then contact the fraud department immediately.
Step 6: Contact the fraud department
If you suspect that your account has been taken over, contact the Bitvavo fraud department as soon as possible.
Send an email to fraud@bitvavo.com and include:
- What happened.
- When you noticed the problem.
- Which activities you do not recognize.
- Which security measures you have already taken.
If possible, use the email address linked to your Bitvavo account. In addition, provide as much information as possible about the suspicious activities you found, such as the date, time, or IP address. This allows us to investigate the situation faster.
How can I prevent an account takeover?
You can reduce the risk of an account takeover by:
- Using a strong and unique password for your Bitvavo account.
- Enabling two-factor authentication (2FA).
- Enabling the crypto withdrawal lock.
- Never sharing your login details or 2FA code.
- Being alert to phishing and other forms of online fraud.
- Keeping your devices and software up to date.
- Regularly checking your security settings and security logs.
Frequently asked questions
Can I prevent crypto from being withdrawn from my account?
Yes. If you still have access to your account, you can enable the crypto withdrawal lock. This blocks crypto withdrawals until you disable the lock again. Read more in the article How can I freeze or unfreeze my crypto withdrawals?.
Can Bitvavo reverse transactions after my account has been taken over?
Transactions on blockchain networks are generally irreversible. Therefore, it is important to contact us immediately as soon as you suspect that someone has gained unauthorized access to your account.
How do I know if I have become a victim of phishing?
If you entered your login details on a website that later turned out not to be from Bitvavo, or if you responded to a suspicious email or text message, it is possible that you have become a victim of phishing. In that case, take immediate measures to secure your account and also read the article Is the email I received from Bitvavo or is it phishing?.
Why do I need to check my email account?
Your email account is often used for password resets and security notifications. If someone has access to your email account, that person may also be able to gain access to other online accounts, including your Bitvavo account.
What should I do if I can no longer log in?
Contact the fraud department immediately via fraud@bitvavo.com. Describe as clearly as possible what happened and which signs indicate that your account has been taken over. If possible, use the email address linked to your Bitvavo account.
Was this article helpful?