Your security is a top priority

Here you’ll find tips to help with various situations, along with our contact information. Whether your card’s missing or something’s suspicious with your account, contact us and we’ll help you right away.

Need Help?

Customer service    
1-800-CAPITAL (1-800-227-4825)

Outside the US, call collect    
1-804-934-2001

Fraud Protection    
1-800-427-9428

International collect calls to report a lost or stolen card    
1-804-934-2001

Contact us immediately if an unauthorized person has accessed your account(s).

Contact us by phone

Customer service
1-800-655-BANK (2265)

Dispute Transaction
1-800-655-BANK (2265) (select language, then option #2)

Report a lost or stolen ATM/Debit card
1-800-427-9428

Contact us immediately if you believe your ATM/debit card has been lost or stolen.

You can also notify us of a lost or stolen credit card online, but if you suspect someone may have used it, call us immediately.

MasterCard Zero Liability
You may have additional protection from MasterCard.

If you receive a suspicious email, phone call, or text message from someone claiming to be Capital One, please report the incident to abuse@capitalone.com using the following guidelines:

Suspicious Email

What is Phishing?

  • Phishing occurs when a fraudster sends an email message appearing to be from a legitimate entity. The email is designed to trick users into providing personal information like credit card information, Social Security numbers, and login credentials.

How to Identify Phishing

Here are some ways to spot potential phishing emails:

  • Check the Details. Inspect the sender’s email address and hover over (do not click) any URL links included in the message. Although the email address and URL may appear to be legitimate at first glance, this information can be spoofed or direct you to an unauthorized site.
  • Beware the Scare. Scare tactics are often used to prompt victims to quickly respond to requests for personal or financial information. Email notices that threaten to close your account or impose fines or penalties should be treated as suspect.
  • Look Out for Errors. Spelling, grammatical errors, and oddly structured sentences can indicate that the email is not from a legitimate source. Furthermore, emails that use generic titles (like Mr., Mrs., Sir or Madam, etc.) instead of your legal name should be treated with caution.
  • Go to the Source. Phishing emails may use official logos and headers, so it can be hard to verify validity. If you ever question the legitimacy of an email, try going directly to that company's website rather than clicking links in emails or downloading attachments.

Reporting Phishing

  • If you received a suspicious email that claims to be from Capital One or misuses the Capital One brand, do not click any links contained in the message or download any attachments, and instead forward the entire email with the original subject line to abuse@capitalone.com.

Suspicious Phone Call

What is Phone Phishing?

  • Phone phishing, also known as “voice phishing” or “vishing,” occurs when a fraudster calls directly and asks you to do something like provide personal information like credit card information, Social Security numbers, and login credentials.

How to Identify Phone Phishing

Many of the phishing indicators also apply to vishing attacks, such as an urgent timeline or intimidating language. You can also spot phone phishing using the following helpful hints:

  • Do Not Comply. If the caller leaves a message, you can listen to their message, but DO NOT comply with their demands.
  • When In Doubt, Call It Out. It is fairly easy to spoof the number for an incoming call. If you receive a suspicious call that is claiming to be from an actual company, call the company directly to verify whether the request is legitimate. You can also search the web for the suspicious phone number to see if it routes back to a legitimate source.

Reporting Phone Phishing

  • If you receive a suspicious phone call that claims to be from Capital One, do not provide the caller with any account information, and end the call. See our Communication Guidelines below for how you can tell if the call is legitimate.
  • Report the suspicious phone call to abuse@capitalone.com. Be sure to include in your email the phone number that called you and the information the person was trying to acquire.
  • If you provided a caller with information related to your account and think the inquiry was suspicious, contact us using the number on the back of your credit card.

Suspicious Text Message

What is Text Message Phishing?

  • Text message phishing, or “SMS phishing,” occurs when a fraudster uses text messages appearing to be from a legitimate source in order to entice individuals to reveal personal information like credit card information, Social Security numbers, and login credentials.

How to Identify Text Message Phishing

  • Don’t Do Business Via Text. A legitimate business will never ask you to reveal your account number, user name, password, or full Social Security number via text message.
  • Know the Signs. Just as with email and phone phishing, be aware of urgent language, grammar or spelling errors, or unknown senders. Furthermore, be wary of clicking on shortened URL links like TinyURL or Bitly.

Reporting Text Message Phishing

  • If you receive a suspicious text message that claims to be from Capital One, do not reply to the message or click on any links within the message.
  • Instead take a screenshot of the message and send the screenshot to abuse@capitalone.comBe sure to include the sending phone number and the content of the message. After sending the information to Capital One abuse@capitalone.com, delete the text message from your mobile phone.
  • If you clicked a link and provided information related to your account, contact us using the number on the back of your credit card if you think the text was suspicious.

Our Part — How we protect you

When you contact us:

  • When you initiate contact with Capital One, we’ll verify your identity before sharing account information or performing transactions on your behalf.
  • Our agents, whether over the phone or in our branches and cafes, may ask you to verify information we have on file or ask other questions to confirm your identity.
  • Our agents will not ask you over the phone to provide your online banking password.

When we contact you:

  • We may contact you by email with offers or to provide account information. If you’re ever in doubt about a communication instance, forward any suspicious emails to abuse@capitalone.com.
  • Our Fraud department may contact you if we detect unexpected activity on your account. Fraud agents will require verification of your identity prior to discussing your account.
    • We may contact you via text to confirm an attempted charge (to prevent fraud), but we will never ask you to confirm or verify your personal information in an unsolicited text message.
  • If you ever suspect the party contacting you is not Capital One, please tell the caller that you would prefer to contact Capital One directly and call back using the contact numbers on our site or on the back of your card.
  • We’ll never ask you over the phone to provide your online banking password.

How We Protect You

  • Social Security Number Protections. Safeguards are in place to protect your information. We prohibit the unlawful disclosure of your Social Security number and restrict access to your Social Security number except when required for authorized business purposes.
  • Security Checks. Capital One uses several security features to help protect your accounts from unauthorized access. You may be asked to provide additional verification of your identity if we detect changes in your online sign-on related to your device, location, or other factors, or you are attempting an online transaction that requires added security. The protection of your account and identity is important to us and we continue to strive to enhance our security to protect you against fraudsters.
  • Multi-Factor Authentication. One way to help keep your information safe is using multi-factor authentication like SwiftIDSM by Capital One. Basically, this adds another level of security by requiring a different piece of information in addition to your password. These secondary factors could be a security question, a code sent to your phone, or even your fingerprint.

How You Can Protect Yourself

  • Best Practices. Safeguard your online banking credentials, including username and password, by keeping them private and secure. Make sure your password is complex, making it difficult to guess, and create distinct sign-in credentials that are different than those used for social networking or other online accounts.
  • Check for Secure Sites. Look for an “https” or a lock symbol next to the site’s URL. In some browsers, the address bar will also turn green. This indicates it’s an encrypted, safe connection.
  • Stay Safe on Public Wi-Fi. Public Wi-Fi is just that—public. Don’t access personal accounts on unsecured Wi-Fi networks and pass on making any purchases until you have a private connection to help prevent credit card fraud. When using public or shared computers (like in a library), be aware of your surroundings, including people who could look at your computer screen. Do not select the “remember me” feature for your username and password.
  • Beware of Malware. Malware is malicious software that is intended to damage or disable computers and computer systems. Your computer can potentially be infected when you open an attachment, click on a pop-up ad, or download a game, song, screensaver, or other application. Only download programs and files from legitimate sources. It is not uncommon for malware to be embedded within an otherwise legitimate program or file when advertised for free through file sharing or other sources not endorsed by the original manufacturer.
  • Stay Up to Date. Fraudsters use social media to target you for your personal information. Never share personal, banking, or password information on these platforms.
  • Be Vigilant on Social Media. Keep your software updated with the latest version and install manufacturer-provided patches. This is especially important for operating systems, Web browsers, and security software, but also applies to all programs.
  • Let Capital One Know. Report any suspicious emails, phone calls, text messages, or social media communications claiming to be from Capital One to abuse@capitalone.com.

We offer various ways to move money electronically for the purpose of paying bills, making purchases and managing your accounts. Such services include, ATM/debit cards, electronic check conversion, phone transfers, online bill payment and online banking external funds transfer. When using these services, we ask that you monitor your account and alert us of any unauthorized transactions. Read more about EFT under the Resources section on this page.

Your Part — What you can do

Please review the tips below and be aware of your surroundings when using any ATM.

  • Be prepared: Have your deposit slips, checks, endorsements, and other documents ready.
  • Be cautious: Inspect the ATM for skimming devices that can be attached to ATMs and capture your card information. Protect your PIN by shielding your PIN entry with your hand or body.
  • Be observant: Scan the surrounding area prior to approaching an ATM. If you feel uneasy for any reason, leave the area.
  • Be patient: If you see another person using the ATM, allow them to finish their transaction before approaching.

Online Tips

  • Be careful not to over-share information on social networking sites—personal information could be used to access your accounts.
  • Set up alerts for account activity. Some alerts are generated automatically when you set up online account access, but you also have the ability to set up customized alerts. Alerts can be sent via email or text.
  • Choose paperless (online only) statements to reduce your risk of mail fraud and identity theft, and reduce the likelihood of your account information getting into the wrong hands.

General Tips

  • Store your credit and debit cards in a secure place where you’ll immediately know if they’re missing.
  • Sign the back of your credit and debit cards as soon as you receive them.
  • When you’re expecting a new or replacement credit or debit card, look for it in the mail.
  • Report a lost or stolen credit or debit card immediately.
  • Never carry your PIN in your wallet or write it on the back of your credit or debit card, and don't choose an obvious number (such as your birth date or telephone number) for your PIN.
  • Never let anyone put your account number on a check or any other document not associated with a purchase on your account. (In some states, this is against the law.)
  • Never give your account number or other personal information to someone calling you on the phone, even if the caller says it will be used to claim a prize or award.
  • Review your financial statements and verify that transactions were authorized by you and report any unrecognized charges to us.
  • Keep documents with personal information—like credit card bills, statements, and offers for preapproved credit—in a safe place or shred them if you don’t need them.
  • Check your credit report regularly. You can order one free report per year from each credit bureau (that's three free credit reports per year) or from annualcreditreport.com. If information looks incorrect, request a correction.
  • Social Security numbers of minors are sometimes used to commit identity theft. Parents may want to request credit reports for their children on an annual basis.

Tools you can use

If you use the Capital One app, you can use mobile app verification to verify your identity and keep your account secure. Mobile app verification uses your sign-in credentials and your phone to help ensure that you – and only you – can access your Capital One account. Find this feature in the Security menu of the app.

Learn more about Mobile App Verification.

Eno monitors your credit card accounts for unusual activity, such as potential fraud or duplicate charges, and automatically reaches out to help you resolve issues on the spot.

Learn more about Eno.

Alerts are a great way to identify unauthorized transactions. Once you’re signed up, we’ll send you an email or text message if and when certain activity occurs on your account.

Some examples of optional alerts

  • Transaction posts over a certain dollar amount
  • Your balance is greater than a specified amount
  • A payment has posted

We’ll also send some security alerts automatically if we think you should be informed of something important.

Some examples of security alerts

  • Suspicious activity on your credit card
  • Mailing address has changed
  • Online password has changed
  • Sign in from a new device

We’ll send you a real-time alert by email or text if we suspect a fraud attempt. This way you can respond instantly and avoid unlawful charges or unnecessary declines.

Resources

  • Add yourself to the national Do-Not-Call registry at donotcall.gov or call 1-888-382-1222.
  • Opt out of receiving preapproved credit offers by calling 1-888-5-OPT-OUT and remove your name from direct mail lists by visiting dmachoice.org.
  • Check out the FBI’s list of common fraud schemes.
  • Learn more about online fraud schemes and how to protect yourself at Stay Safe Online.
  • Learn more about identity theft by visiting the Federal Trade Commission's (FTC) site.

Visa® Protection and Security Basics
MasterCard® Protection and Security 

At least once a year, it is good to check your credit report for inaccuracies. You can contact or request a report from any of the bureaus listed below.

Equifax
P.O. Box 740241
Atlanta, GA 30374-0241
1-800-997-2493

Experian
P.O. Box 2104
Allen, TX 75013-2104
1-800-311-4769

TransUnion
P.O. Box 1000
Chester, PA 19022
1-800-888-4213

Capital One offers various ways to move money electronically for the purpose of paying bills, making purchases and managing your accounts. Such services include, ATM/debit cards, electronic check conversion, phone transfers, online bill payment and online banking external funds transfer. When using these services, we ask that you monitor your account and alert us of any unauthorized transactions.

Types of Electronic Funds Transfers

  • ATM/debit card transactions: You may use ATM/debit cards to withdraw cash, make transfers between your Capital One accounts, deposit funds, complete point-of-sale transactions, make account inquiries, and for other banking activities. Please make your PIN memorable to you and do not share it with other parties.
  • International Transactions: Capital One employs fraud monitoring to help detect and protect against ATM/debit card fraud. The fraud monitoring process is designed to identify and investigate transactions that fall outside of your normal usage patterns. To protect your account, transactions occurring in countries where fraud is elevated may be denied. Please notify Capital One prior to international travel or purchases to prevent inquiries based upon your activity or blocked transactions.
  • Electronic check conversion: You may authorize a merchant or other payee to make a one-time electronic payment from your checking account using information from your check to: pay for purchases, or pay bills.
  • Online Banking External Funds Transfer: You may enroll in online banking to perform electronic transfers to external accounts. When you enroll, you will be provided terms and conditions that apply to electronic transfers using our online banking services. Capital One sets limitations on daily and monthly transactions for your protection.
  • Online Banking Bill Payment: Online payments include payments made from a Capital One account (including scheduled payments via our online bill pay service), any payment to certain Capital One accounts and payments in the form of funds transfers to eligible loan or line of credit accounts.

Protections Provided for Electronic Funds Transfers

  • Capital One sends monthly statements to your address on record unless you elect to go paperless. If you don't receive your statements by mail, we make an electronic version available in Online Banking. Please review your statements and verify that all the transactions shown were authorized by you.
  • In the event you think a transfer or withdrawal shown on your statement is incorrect, or if you believe an unauthorized transfer or withdrawal has taken place—including those made through your ATM/debit card, code, or other means—contact us immediately.
  • We must be notified within sixty (60) days after the first statement on which the suspected problem appeared. If you do not contact us within this sixty (60) day time period, you could be held responsible for all unauthorized transfers and withdrawals that occurred between the end of the sixty (60) day period and the time you actually notified us if those transactions could have been prevented had we been notified.
  • Contact Capital One immediately if you believe your ATM/debit card has been lost or stolen, or if you believe that an electronic fund transfer has been made without your permission. Telephoning is the best way of keeping your possible losses down. If you tell us within two (2) business days after you learn of the loss or theft, your liability could be as much as $50.00 if someone used your ATM/debit card without your permission.
  • If you do not tell us within two (2) business days after you learn of the loss or the theft of your ATM/debit card, and we can prove we could have stopped someone from using your ATM/debit card without your permission if you had told us, you could lose as much as $500.00.
  • MasterCard Zero Liability: You may have additional rights under the MasterCard rules. Provided that the PIN is not used as the cardholder verification method, you will not be responsible for unauthorized use of the Platinum Debit and Business Debit Cards if your account is in good standing, you have exercised reasonable care in safeguarding your card from any unauthorized use, and you have not reported two or more unauthorized events in the past 12 months.
  • If you have questions regarding zero liability coverage or you suspect unauthorized use of your ATM/debit card, contact us immediately.

Commercial

 

Beyond the practices and procedures that we have in place and recommend for all our customers, our customers with Commercial accounts should take extra precautions to ensure the safety of their data.

Protecting Online Payments and Account Data
While it’s your responsibility to safeguard your own data, including information that can be used to access your accounts at Capital One, we recommend that you consider implementing the following controls for your business:

  • Evaluate your internal controls for online banking and conduct an annual risk assessment. Identify gaps and continuous improvement opportunities to ensure the safety of your financial data and resources.
  • Dedicate and restrict one computer to online banking transactions, and allow no Internet browsing or email exchange on it. Ensure that each computer is equipped with the latest versions and patches of both anti-virus and anti-spyware software.
  • Segregate responsibilities among different employees by maintenance, entry, and approval.
  • Delete online user IDs as part of the exit procedure when employees leave your company.
  • Assign dual system administrators for online cash management services.
  • Periodically evaluate employee job functions and remove online services.
  • Establish transaction limits for employees who initiate and approve online payments.
  • Set up alerts to notify managers of payments initiated above a threshold amount that warrant management's attention.
  • Use dual controls: Require multiple users to release an online payment since it is less likely that a fraudster would control the workstation of both initiating employees.
  • Reconcile records by carefully monitoring account activity and reviewing all transactions initiated by your company on a daily basis.
  • Use separate accounts for electronic and paper transactions to simplify monitoring and tracking any discrepancies.