BCR Card Sales

 General Advices of Security

General Safety Tips

If you receive messages requesting information or giving instructions to visit a website, install software or follow a procedure, ignore them and report it immediately to the BCR at telephone number 2211-1111 of the Customer Service Center or at email: CentroAsistenciaBCR@bancobcr.com

  • Protect yourself from Phishing (false messages): See
  • Beware of Spyware (spy software): See
  • Do not be deceived by the "Social Engineering": See  

 1- Beware of false sites, calls and text messages ("Phishing", "Vishing", "Smishing").

 "PHISHING" is the creation of fake sites on the Internet (identical copies of an actual site). It sends  users an email claiming to be a related company, such as, your bank with a threatening or motivating messages:
" Your login has expired, please login and change your password: if you do not, the BCR is not responsible." 

" You have been included in the "one million colones" contest; please, enter and activate your participation." 

 E-mail message includes a link to "click", which takes users to the false site.
 Another way is to create identical sites with similar addresses instead of www.bancobcr.com, as: www.bancbcr (note the lack of the "o" in Bancbcr) or www.bancodecostarica.com; this in hopes that the user mistakenly types these addresses,  accessing the fake site in which your password is captured. 

 Besides fake sites, scammers use other two deceiving techniques known as "Dishing" and "Smashing" which consist of making phone calls or sending text messages to request and convince users to hand over confidential information such as account number, PIN, access key, security code and others with which they can carry out fraud.


  • The BCR electronic banking website is www.bancobcr.com.
  • When you enter the site, type the address in the Internet browser, and verify it is well typed.
  • Never click on a link received by email.
  • Never give anyone confidential information such as account number, PIN,  access key, security code, neither by phone, text messaging, fax, in person, or by any other means; there is no justification for someone to request this information. The BCR will NEVER ask for this information
  • Keep an updated record of your accesses to the Virtual Office/Online Branch (access log), and each time you access it check date and time of the last connection in order to detect unauthorized access.

How to act?

If you mistakenly entered a fake site or gave your password, enter the official site of the BCR and block the user by entering the password incorrectly more than 3 times. 

If in addition to the password you gave your PIN number or other information, immediately call the BCR and request blocking and cancelling your card since with that information someone may get access online again, even if you have locked your account.

If there is any suspicion, please call the Customer Service Center
Telephone 2211-1111 (24 hours)



 2- Beware of spy software "Spyware".

Spyware is a system distributed over the Internet, it installs in user computer without their consent, and can read information stored in it and send it via Internet to websites controlled by unscrupulous people.

It captures information such as passwords to be sent to someone on the Internet.

How the software can be installed without the knowledge or consent of the customer?
The software works like a computer virus, can be received in an email, acquired by accessing a website, or when installing free software that apparently performs a function and actually does another.


  • Do not perform banking transactions from public access computers, such as Internet cafes, restaurants, libraries, airports, or others, if you are unsure that they have adequate security systems.
  • Install on your computer an antivirus and spyware system, and keep it updated.
  • Install a personal Firewall or intrusion detection and prevention system. If your computer has Windows XP operating system; it already has a basic system that can be activated. To learn how to do it, you can review the following guides:

    In English:
  • Avoid downloading systems or applications of doubtful origin, such as free software with mass mailings.
  • Avoid entering unknown sites or dedicated sites to prohibited activities (pornography, hacking, etc).
  • Do not open mail attachments received from unknown persons or known ones that you did not expect.



 3- Do not be deceived by the "Social Engineering ".

Social Engineering is a form of deception used by people with a high degree of convincing techniques; they select and study a victim (home, work, family, tastes, and preferences) to convince them to provide information.


  • These people have the natural gift of persuasion.
  • They pose as Bank employees who are conducting a survey or offer prizes.
  • They will give you personal details of your accounts and numbers.
  • They pose as a Manager, or Chief Executive.
  • They dress very elegant.
  • They report be referred by another employee.
  • Try to make friends, they are friendly, to get more information. 


  • Do not release information or perform procedures under pressure.
  • Follow procedures

Do not offer yourself to open banking accounts for third parties, or lend your accounts to make transfers that are not strictly personal; you may be cooperating in the commission of a crime.

The BCR will never ask you by email, telephone, mailing, or personally personal data, passwords, or confidential numbers that are secret and only for personal use.



For further information, please contact us at e-mail:


Oficinas y Cajeros
Most Frequent links:
Housing LoansAuto LoansPersonal LoansOpening an accountInvesting my Money
©2019 BCR Copyright. Comments: CentroAsistenciaBCR@bancobcr.com - Mobile version