What's new

22.4.2022 15:32

Warning: Phishing attempts for customers’ bank card and online banking details on the Tori.fi online marketplace for second-hand goods

Criminals are phishing customers’ online banking and bank card details on the Tori.fi online marketplace for second-hand goods. We have received numerous reports from customers who have been selling their goods. In this connection, a fraudster is phishing for the customer’s payment details through a fake courier service in Posti’s name. If you are asked to give your payment details to the buyer, end the conversation immediately and contact the Tori support.

Never give any other payment details except your account number in connection with Tori.fi deals. Criminals try to make you believe that if you enter your bank card details and online banking identifiers on their website, the payment will be transferred to your payment card after the deal has been completed. However, you cannot receive payments on your payment card. Instead, this will give the criminals unlimited access to your online bank and payment card.


A scam website disguised as a courier service looks very much like Posti’s real website. It may even include a chat customer service person that guides you in giving your payment details. Don’t let this confuse you – the person behind the chat is the fraudster themself.


The Tori.fi service too warns about such scams, as follows: “Tori has no own payment system or courier or transport service. If, during the sale or purchase, you are asked to confirm payment via a link or give your payment details, or if you are directed to Tori’s payment website, do not make the payment but contact the Tori support.”

If you suspect that your user ID has fallen into the wrong hands, deactivate your user ID by calling 0100 0500 (personal customers) or 0100 05151 (corporate customers). When our Customer Service is not available, please call the OP Deactivation Service at +3581000555. It is available 24/7. Be sure to also call our Customer Service during service hours to report the incident.

Please remember these seven things when you do banking online

  1. Do not go to an online bank through the link you have received or a search engine. The message directing you to the login page is scam. You may end up in a scam website through Google, Bing or another search engine too, so type the address on the browser’s address bar. 
  2. Check the address. Always make sure that you are at www.op.fi. Do not enter your identifiers into a site if you are not sure about its legitimacy.
  3. Keep your user ID and password to yourself. The bank will never ask you to provide your user ID over the phone or by SMS or email.
  4. Do not open email or SMS attachments sent in the bank’s name. Verify that the attachments are genuine with your bank’s customer service. 
  5. If a person you don’t know asks you to install an application, do not do so. Install the software you need yourself through an app store of your device. 
  6. Do not confirm transactions you aren’t certain you have made yourself. Always read the confirmation requests with due care – if there is anything that does not match, do not confirm anything. 
  7. Please ask in the case of doubt. If the contact or message is suspicious, please contact your own bank before you do anything else.