Bank securely

We’re committed to protecting your personal and financial information, and as your partner, we want to let you know how you can help. Of course, if your information ever does fall into the wrong hands, we’ll be here to make it right.

Your security is a top priority

Here you’ll find tips to help with various situations, along with our contact information. Whether your card’s missing or something’s suspicious with your account, contact us and we’ll help you right away.

Need Help?


Contact us immediately if an unauthorized person has accessed your credit card(s).

Contact us by phone

Customer service 1-800-CAPITAL (1-800-227-4825)
Outside the US, call collect 1-804-934-2001
Fraud Protection 1-800-427-9428
International collect calls to report a lost or stolen card 1-804-934-2001

Contact us immediately if an unauthorized person has accessed your account(s).

Contact us by phone

Customer service 1-800-655-BANK (2265)
Dispute Transaction 1-800-655-BANK (2265) (select language, then option #2)
Report a lost or stolen ATM/Debit card 1-800-427-9428

Contact us immediately if you believe your ATM/debit card has been lost or stolen.

You can also notify us of a lost or stolen credit card online, but if you suspect someone may have used it, call us immediately.

MasterCard Zero Liability
You may have additional protection from MasterCard.

If you receive a suspicious phone call

  • When in doubt, do not provide the caller any information and end the call.
  • If you provided a caller with information related to your account, contact us if you think the inquiry was suspicious.

If you receive a suspicious email

  • If you received a suspicious email that claims to be from Capital One, do not click any links contained in the message and forward the entire email with the original subject line to abuse@capitalone.com.
  • You may also want to sign in to your online account or call us to ensure that there are no issues with your account.

If you receive a suspicious text message claiming to be from Capital One

  • Do not reply to the message.
  • Do not click on any of the links within the message.
    If you have the ability to forward the text message to an email address, send it to abuse@capitalone.com.
  • If you can’t send the text to an email address, send a separate email to abuse@capitalone.com and include the content of the text message including the subject.
  • After sending the information to Capital One, delete the text message from your mobile phone.
  • If you clicked a link and provided information related to your account, contact us if you think the text was suspicious.

If you received a suspicious communication through social media that targets you as a Capital One customer, please forward the entire communication to abuse@capitalone.com.

If you're a victim of identity theft, set up free alerts through one of the credit bureaus. Those alerts will last 90 days. Alerts are renewable, but credit bureaus may not allow continuous renewals if you're trying to use them as a credit monitoring tool.

You can also freeze your credit, preventing criminals from opening new accounts in your name. Check out the latest Credit Freeze Protection information from the Federal Trade Commission (FTC) and consider setting one up on your credit file. Depending on the state where you live, there may be a fee. Keep in mind that credit freezes don't protect you from fraud on previously opened accounts.

If you received an email confirming changes you didn't make (such as a change in your email address, user name, or password), please contact us immediately at the appropriate number.

Note: For customers with multiple accounts, you may call the number shown for any of your accounts.

Credit Cards (866) 750-0873
Capital One Bank (877) 442-3764
Capital One 360 (888) 464-0727
Capital One Auto Finance (800) 946-0332
Capital One Home Loans (800) 933-9100
Capital One CreditWise (844) 238-1649

If you’re trying to use the temporary password in the Capital One Mobile app, the Capital One WalletSM or on the mobile web browser (m.capitalone.com), it won’t work. You’ll need to sign in on one of our other apps or our desktop site.

Note: Temporary passwords expire after a period of time. Please check the email containing your temporary password to ensure it’s still valid. If your temporary password has expired, use the Password Reset tool at our full website, (not our mobile app or mobile site):

For Credit Card
1. Go to servicing.capitalone.com.
2. Click on the Forgot Password link.

For Capital One Bank
1. Go to www.capitalone.com and select “Banking” in the sign-in menu.
2. Enter your user name and click Continue.
3. Select “Capital One Bank.”
4. Click on the Forgot Password link.

For Capital One 360
1. Go to www.capitalone.com and select “Banking” in the sign-in menu.
2. Enter your user name and click Continue.
3. Select “Capital One 360.”
4. Click on the Forgot your Password link.

For Capital One Auto Finance
1. Go to www.capitalone.com and select “Auto Loans” in the sign-in menu.
2. Enter your user name and click Continue.
3. Click on the Forgot your Password link.

For Capital One Home Loans
1. Go to the Home Loans Password Retrieval page.
2. Enter your user name and last four digits of your Social Security number.
3. Click Next.

For Capital One CreditWise
1. Go to creditwise.capitalone.com
2. Click on the Forgot Password link.
3. Enter your user name and last four digits of your Social Security number.

Please use the online Password Reset tool to reset your password. If you're coming from a mobile device, you'll need to access the Password Reset tool at our full website, (not our mobile app or mobile site).

For Credit Card
1. Go to servicing.capitalone.com.
2. Click on the Forgot Password link.

For Capital One Bank
1. Go to www.capitalone.com and select “Banking” in the sign-in menu.
2. Enter your user name and click Continue.
3. Select “Capital One Bank.”
4. Click on the Forgot Password link.

For Capital One 360
1. Go to www.capitalone.com and select “Banking” in the sign-in menu.
2. Enter your user name and click Continue.
3. Select “Capital One 360.”
4. Click on the Forgot your Password link.

For Capital One Auto Finance
1. Go to www.capitalone.com and select “Auto Loans” in the sign-in menu.
2. Enter your user name and click Continue.
3. Click on the Forgot your Password link.

For Capital One Home Loans
1. Go to the Home Loans Password Retrieval page.
2. Enter your user name and last four digits of your Social Security number.
3. Click Next.

For Capital One CreditWise
1. Go to creditwise.capitalone.com 
2. Click on the Forgot Password link.
3. Enter your user name and last four digits of your Social Security number.

Our Part — How we protect you


Security Training

Capital One associates are required to participate in annual security training.

Social Security Number Protections

Safeguards are in place to protect your information.

  • We prohibit the unlawful disclosure of your Social Security number.
  • We restrict access to your Social Security number except when required for authorized business purposes.

When you contact us:

  • When you initiate contact with Capital One, we’ll verify your identity before sharing account information or performing transactions on your behalf.
  • Our agents may ask you to verify information we have on file or ask other questions to confirm that they’re speaking to you.
  • Our agents will not ask you over the phone to provide your online banking password or answers to your online security questions.

When we contact you:

  • We may contact you by email with offers or to provide account information. If you’re ever in doubt about a communication, forward any suspicious emails to abuse@capitalone.com.
  • Our Fraud department may contact you if we detect unexpected activity on your account. Fraud agents will require verification of your identity prior to discussing your account.
  • If you ever suspect the party contacting you is not Capital One, please tell the caller that you would prefer to contact Capital One directly and use the contact numbers on our site.
  • We’ll never ask you over the phone to provide your online banking password or answers to your online security questions.

Text messages from Capital One

We may contact you via text to confirm an attempted charge (to prevent fraud), but we will never ask you to confirm or verify your personal information in an unsolicited text message.

We use some of the strongest forms of encryption commercially available for use on the Web today.

Online communication between you, your account, and Capital One are protected. Your data is encrypted with 128-bit Secure Socket Layer (SSL), which helps ensure that sensitive information can only be viewed by you and our secure systems.

Secure Site Indicator

We make it easy to confirm that you’re on a secure, authorized site by providing a visual indictor in the address bar of your browser. The address bar will show “https,” and a closed lock. Web addresses that begin with "https://" use encryption—the “s” stands for “secured.” In some browsers, the address bar will also turn green.

Customer Verification

Our strong authentication controls protect your accounts from unauthorized access.

We adhere to all requirements of the Federal Government's banking regulators.

Technology Guarantee

We build information security into our systems and networks using internationally recognized security standards, regulations, and industry-based best practices.

We offer various ways to move money electronically for the purpose of paying bills, making purchases and managing your accounts. Such services include, ATM/debit cards, electronic check conversion, phone transfers, online bill payment and online banking external funds transfer. When using these services, we ask that you monitor your account and alert us of any unauthorized transactions. Read more about EFT under the Resources section on this page.

If you’re ever notified that your data may have been compromised by a breach, it’s important to take precautions to protect yourself from identity theft:

  • Take advantage of any credit monitoring services offered.
  • Order a credit report to monitor for new accounts.
  • Sign in to your account online to review account activity for unknown transactions and to change your user name, password and security questions if online credentials are breached.

For more information on data breaches, visit the Identity Theft Resource Center.

Your Part — What you can do


Please review the tips below and be aware of your surroundings when using any ATM.

  • Be prepared: Have your deposit slips, checks, endorsements, and other documents ready.
  • Be cautious: Inspect the ATM for skimming devices that can be attached to ATMs and capture your card information. Protect your PIN by shielding your PIN entry with your hand or body.
  • Be observant: Scan the surrounding area prior to approaching an ATM. If you feel uneasy for any reason, leave the area.
  • Be patient: If you see another person using the ATM, allow them to finish their transaction before approaching.

Online Account Safety

  • Safeguard your online banking credentials, including user name and password, by keeping them private and secure.
  • Avoid using obvious passwords, like pet names, unless you make them unique by adding special characters or numbers to make them more obscure.
  • Create distinct sign-in credentials that are different than those used for social networking or other online accounts.
  • Take note of emails, phone calls, or texts requesting your account or sign in information and report them immediately.
  • After completing a transaction online, make sure you sign out when you’re finished, then close your browser completely.
  • When using public or shared computers (like in a library), be aware of your surroundings including people who could look at your computer screen.
    Don’t select the “remember me” feature for your user name or password.

Wi-Fi Network Tips

  • Don’t assume that available Wi-Fi connections are safe and secure. Cyber criminals create public Wi-Fis in public spaces so that they can view data, including usernames and passwords, and steal your information.
  • Limit the sensitive information viewed during a public Wi-Fi session, as the data may be visible or intercepted by a third party intent on stealing your identity or sign-in information.
  • If in doubt, use your cellular network if available.
    For more information, check out some Wi-Fi tips from the Federal Trade Commission (FTC).

Online Network Safety

  • Install and regularly update anti-virus and anti-spyware software. Perform frequent scans of your computer.
  • Look for EV SSL encryption (green bar and https visual indicators) in web address bars.
  • Use the most recent version of your computer operating system and Internet browser as previous versions can have security weaknesses that put you at risk.
  • Be careful when you download free software from the Internet. A lot of free software may contain viruses or other malicious software that could steal your information.

Online Tips

  • Be careful not to over-share information on social networking sites—personal information could be used to access your accounts.
  • Set up alerts for account activity. Some alerts are generated automatically when you set up online account access, but you also have the ability to set up customized alerts. Alerts can be sent via email or text.
  • Choose paperless (online only) statements to reduce your risk of mail fraud and identity theft, and reduce the likelihood of your account information getting into the wrong hands.

General Tips

  • Store your credit and debit cards in a secure place where you’ll immediately know if they’re missing.
  • Sign the back of your credit and debit cards as soon as you receive them.
  • When you’re expecting a new or replacement credit or debit card, look for it in the mail.
  • Report a lost or stolen credit or debit card immediately.
  • Never carry your PIN in your wallet or write it on the back of your credit or debit card, and don't choose an obvious number (such as your birth date or telephone number) for your PIN.
  • Never let anyone put your account number on a check or any other document not associated with a purchase on your account. (In some states, this is against the law.)
  • Never give your account number or other personal information to someone calling you on the phone, even if the caller says it will be used to claim a prize or award.
  • Review your financial statements and verify that transactions were authorized by you and report any unrecognized charges to us.
  • Keep documents with personal information—like credit card bills, statements, and offers for preapproved credit—in a safe place or shred them if you don’t need them.
  • Check your credit report regularly. You can order one free report per year from each credit bureau (that's three free credit reports per year) or from annualcreditreport.com. If information looks incorrect, request a correction.
  • Social Security numbers of minors are sometimes used to commit identity theft. Parents may want to request credit reports for their children on an annual basis.

Phishing is a common scam that uses email to collect personal or financial information. A phishing email often appears to be sent from a legitimate source that is actually an imposter.

How to spot a phishing email:

  • Requests: If information is requested in an email, identify alternative ways to provide the information. If you have any doubt, don’t respond to the email.
  • Email details: Inspect the sender’s email address and hover over any URL links included in the message. Although the email address and URL may appear to be legitimate at first glance, this information can be spoofed or direct you to an unauthorized site.
  • Urgency: Scare tactics are often used to prompt victims to respond to requests for personal or financial information. Email notices that threaten to close your account or impose fines or penalties should be treated as suspect.
  • Typos and grammatical errors: Spelling errors and oddly structured sentences can be a quick indication that the email is not from a legitimate source.

For more information on Phishing, you can visit the FDIC Phishing Scam site.

Malware is malicious software that is intended to damage or disable computers and computer systems. Your computer can potentially be infected when you open an attachment, click on a pop-up ad, or download a game, song, screensaver, or other application. Many types of malware can operate without you ever knowing you’re infected, and some can lead to identity theft and credit card fraud.

Signs your computer may be infected with malware include general computer problems (slow processing or frequent crashes), excessive pop-up messages and spam, or other unexplained changes to toolbars, search settings, or homepage settings.

Here are some tips to help you avoid malware:

  • Consider any attachments to email messages potentially unsafe. They can cause you to download spyware or a virus without your knowledge or any indication that it’s occurring. We will never email you an attachment or a software update to install on your computer. In general, never open unexpected attachments from anyone.
  • If possible, use one computer for banking and security-sensitive applications and a different computer for less sensitive activities such as email and social networking.
  • Keep your software updated and install manufacturer-provided patches. This is especially important for operating systems, Web browsers, and security software, but also applies to other programs.
  • Only download programs and files from legitimate sources. It’s not uncommon for malware to be embedded within an otherwise legitimate program or file when advertised for free through file sharing or other sources not endorsed by the original manufacturer.

A security breach is when sensitive data ends up in the hands of someone who does not have authorization to receive the information. Sensitive data may include Social Security numbers, user names, passwords, account numbers, bank statements, and similar information. Data breaches can occur in several ways including large-scale organized cyber-attacks (when large files of data are stolen from a financial institution).

If you’re ever notified that your data may have been compromised by a breach, it’s important to take precautions to protect yourself from identity theft:

  • Take advantage of any credit monitoring services offered.
  • Order a credit report to monitor for new accounts.
  • Sign in to your account online to review account activity for unknown transactions and to change your user name, password, and security questions if online credentials are breached.

For more information on data breaches, visit the Identity Theft Resource Center. 

Tools you can use


If you use our mobile app for credit cards, you can replace your usual password with a custom pattern you swipe with your finger. Some users find this not only quicker but some also feel safer by not having to deal with the typical letter-number combinations that most sites require. Find the feature in the Settings menu of the app.

Learn more about SureSwipe.

Known as your wallet’s new best friend, this free app can help keep you informed and safeguard your credit card accounts.

  • Track your spending and be sure you’re the only one using your Capital One cards.
  • Get real-time purchase notifications of exactly when your cards are used so you’ll know right away if someone else is using your card.
  • See specifics like the merchant name, purchase location, and more.

Learn more about Capital One Wallet.

We automatically check your credit card accounts for unusual, duplicate, and auto-renewal charges. If we see any of those types of things, we’ll notify you to help be sure you’re not wrongfully charged.

Learn more about Second Look.

Alerts are a great way to identify unauthorized transactions. Once you’re signed up, we’ll send you an email or text message if and when certain activity occurs on your account.

Some examples of optional alerts

  • Transaction posts over a certain dollar amount
  • Your balance is greater than a specified amount
  • A payment has posted

We’ll also send some security alerts automatically if we think you should be informed of something important.

Some examples of security alerts

  • Suspicious activity on your credit card
  • Mailing address has changed
  • Online password has changed

We’ll send you a real-time alert by email or text if we suspect a fraud attempt. This way you can respond instantly and avoid unlawful charges or unnecessary declines.

Keep track of your credit standing and monitor your credit score with our free Credit Tracker tool.

  • Receive an alert whenever an inquiry is made to your credit—like if an account is opened in your name or a change of address is requested.
  • Receive alerts if changes occur to your credit standing—like if an account is reported delinquent.
  • Check your credit alerts online anytime to see things like the reporting of improved accounts.

Learn more about Credit Tracker.

Within your online and mobile transactions list, we show you detailed information including the merchant name, address, phone number, and a map if available, so you can see if anything looks fishy.

If you have an iPhone®, you can use your fingertip as your account sign in.

Use Apple Pay along with your Capital One credit or debit card to make purchases with a single touch on your iPhone®. It’s a simple way to pay easily on the go while leaving your physical card at home.

Learn more about Apple Pay.

Resources


  • Add yourself to the national Do-Not-Call registry at donotcall.gov or call 1-888-382-1222.
  • Opt out of receiving preapproved credit offers by calling 1-888-5-OPT-OUT and remove your name from direct mail lists by visiting dmachoice.org.
  • Check out the FBI’s list of common fraud schemes.
  • Explore different types of fraud, victim stories, tips, and other valuable information at LooksTooGoodToBeTrue.com—a government funded site dedicated to informing consumers about fraud.
  • Learn more about identity theft by visiting the Federal Trade Center’s (FTC) site.

 

At least once a year, it is good to check your credit report for inaccuracies. You can contact or request a report from any of the bureaus listed below.

Equifax
P.O. Box 740241
Atlanta, GA 30374-0241
1-800-997-2493

Experian
P.O. Box 2104
Allen, TX 75013-2104
1-800-311-4769

TransUnion
P.O. Box 1000
Chester, PA 19022
1-800-888-4213

Capital One offers various ways to move money electronically for the purpose of paying bills, making purchases and managing your accounts. Such services include, ATM/debit cards, electronic check conversion, phone transfers, online bill payment and online banking external funds transfer. When using these services, we ask that you monitor your account and alert us of any unauthorized transactions.

Types of Electronic Funds Transfers

  • ATM/debit card transactions: You may use ATM/debit cards to withdraw cash, make transfers between your Capital One accounts, deposit funds, complete point-of-sale transactions, make account inquiries, and for other banking activities. Please make your PIN memorable to you and do not share it with other parties.
  • International Transactions: Capital One employs fraud monitoring to help detect and protect against ATM/debit card fraud. The fraud monitoring process is designed to identify and investigate transactions that fall outside of your normal usage patterns. To protect your account, transactions occurring in countries where fraud is elevated may be denied. Please notify Capital One prior to international travel or purchases to prevent inquiries based upon your activity or blocked transactions.
  • Electronic check conversion: You may authorize a merchant or other payee to make a one-time electronic payment from your checking account using information from your check to: pay for purchases, or pay bills.
  • Online Banking External Funds Transfer: You may enroll in online banking to perform electronic transfers to external accounts. When you enroll, you will be provided terms and conditions that apply to electronic transfers using our online banking services. Capital One sets limitations on daily and monthly transactions for your protection.
  • Online Banking Bill Payment: Online payments include payments made from a Capital One account (including scheduled payments via our online bill pay service), any payment to certain Capital One accounts and payments in the form of funds transfers to eligible loan or line of credit accounts.

Protections Provided for Electronic Funds Transfers

  • Capital One sends monthly statements to your address on record unless you elect to go paperless. If you don't receive your statements by mail, we make an electronic version available in Online Banking. Please review your statements and verify that all the transactions shown were authorized by you.
  • In the event you think a transfer or withdrawal shown on your statement is incorrect, or if you believe an unauthorized transfer or withdrawal has taken place—including those made through your ATM/debit card, code, or other means—contact us immediately.
  • We must be notified within sixty (60) days after the first statement on which the suspected problem appeared. If you do not contact us within this sixty (60) day time period, you could be held responsible for all unauthorized transfers and withdrawals that occurred between the end of the sixty (60) day period and the time you actually notified us if those transactions could have been prevented had we been notified.
  • Contact Capital One immediately if you believe your ATM/debit card has been lost or stolen, or if you believe that an electronic fund transfer has been made without your permission. Telephoning is the best way of keeping your possible losses down. If you tell us within two (2) business days after you learn of the loss or theft, your liability could be as much as $50.00 if someone used your ATM/debit card without your permission.
  • If you do not tell us within two (2) business days after you learn of the loss or the theft of your ATM/debit card, and we can prove we could have stopped someone from using your ATM/debit card without your permission if you had told us, you could lose as much as $500.00.
  • MasterCard Zero Liability: You may have additional rights under the MasterCard rules. Provided that the PIN is not used as the cardholder verification method, you will not be responsible for unauthorized use of the Platinum Debit and Business Debit Cards if your account is in good standing, you have exercised reasonable care in safeguarding your card from any unauthorized use, and you have not reported two or more unauthorized events in the past 12 months.
  • If you have questions regarding zero liability coverage or you suspect unauthorized use of your ATM/debit card, contact us immediately.

Frequently Asked Questions


General Questions

Mobile Banking Security

Privacy

Commercial


Beyond the practices and procedures that we have in place and recommend for all our customers, our customers with Commercial accounts should take extra precautions to ensure the safety of their data.

Protecting Online Payments and Account Data
While it’s your responsibility to safeguard your own data, including information that can be used to access your accounts at Capital One, we recommend that you consider implementing the following controls for your business:

  • Evaluate your internal controls for online banking and conduct an annual risk assessment. Identify gaps and continuous improvement opportunities to ensure the safety of your financial data and resources.
  • Dedicate and restrict one computer to online banking transactions, and allow no Internet browsing or email exchange on it. Ensure that each computer is equipped with the latest versions and patches of both anti-virus and anti-spyware software.
  • Segregate responsibilities among different employees by maintenance, entry, and approval.
  • Delete online user IDs as part of the exit procedure when employees leave your company.
  • Assign dual system administrators for online cash management services.
  • Periodically evaluate employee job functions and remove online services.
  • Establish transaction limits for employees who initiate and approve online payments.
  • Set up alerts to notify managers of payments initiated above a threshold amount that warrant management's attention.
  • Use dual controls: Require multiple users to release an online payment since it is less likely that a fraudster would control the workstation of both initiating employees.
  • Reconcile records by carefully monitoring account activity and reviewing all transactions initiated by your company on a daily basis.
  • Use separate accounts for electronic and paper transactions to simplify monitoring and tracking any discrepancies.

Apple, the Apple logo, and iPhone are trademarks of Apple Inc., registered in the U.S. and other countries. Apple Pay and Touch ID are trademarks of Apple Inc.

*

Apple Pay is not currently available for our partner cards.

Capital One Wallet is currently not available to customers of our partner cards. Capital One Bank retail debit card customers can use Capital One Wallet to receive real-time notifications and view account balances and transactions. Capital One 360 payment card customers can only use Capital One Wallet to view account balances and transactions.

Capital One does not provide, endorse, nor guarantee any third-party product, service, information or recommendation listed above. The third parties listed are not affiliated with Capital One and are solely responsible for their products and services. All trademarks are the property of their respective owners.