CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 75% of retail investor accounts lose money when trading CFDs with XTB Limited. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.

CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 75% of retail investor accounts lose money when trading CFDs with XTB Limited. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.

CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 75% of retail investor accounts lose money when trading CFDs with XTB Limited. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.

Change region

Online security is key

especially when your money is at stake.

Scammers can be incredibly convincing, but with the right knowledge, it's easier to recognise them and avoid potential threats. Learn what to watch out for, how to protect yourself and what to do if something raises your concern.

TURN ON TWO-FACTOR AUTHENTICATION (2FA)

How to make your money safer in just 1 minute?

Enable 2FA to add an extra layer of security. Choose your preferred authentication method in addition to your credentials when logging in: a unique SMS code or one-time password generated in apps such as Google Authenticator, Microsoft Authenticator, and Apple Passwords. This way, no one using a different computer or smartphone will be able to log in to your account easily.

After turning on the 2FA, clients can add up to 10 trusted devices to log in securely.

How can you activate it? It’s easy!
1. Tap the profile icon on the top left (on the XTB mobile app) or click the three lines on the top right corner (on the xStation web platform).
2. Go to Settings → Security
3. Select "Two-Factor Authentication"

STAY CALM AND CAUTIOUS

You've got what it takes to outsmart scammers

Please note, we will never get in touch with you via WhatsApp, Facebook or any other social media platforms or groups. 

 

Before clicking links, entering your details or sending money, stop and think. Is the message trying to scare you or rush you? Is the person pushy or not giving you time to reflect? If something seems too good to be true, it probably is. Staying calm and using common sense can protect you from serious trouble.

OTHER TIPS TO KEEP YOU SAFE
What more can you do?

Keep your login, password and one-time codes to yourself

 

image 1-1

Our consultants will never ask  you for your password, login or one-time code sent to your phone or email. Keeping this information private helps ensure no one else can take full control of your account - or your money.

Use a unique password for each account

 

image 2-1

 

Using the same password everywhere makes you vulnerable - if one account is hacked, all are at risk. Using different passwords for each service keeps your data and money safer.

Log in only through the official XTB.COM/EN  website or XTB app

 

image 3-1

 

Scammers often send fake links by email or text, leading to websites that look almost real but are designed to steal your login details. Be careful - even one different letter in the web address can lead you to a dangerous site.

Install only trusted apps via Google pay or Apple store

 

image 4-1

 

Scammers can use certain software or browser plugins to secretly watch what you’re doing - like when you type your password - or even take control of your device and access your personal data. That’s why it’s important to install only trusted applications.

shape-right

Impersonating a company consultant

What we never ask about

Scammers may pretend to be XTB consultants, saying your account has been hacked, there’s suspicious activity or that you need to withdraw your funds. Their goal is to create pressure and make you act quickly, without having time to think it through.
 
OUR TIP: A real XTB consultant may ask to confirm your identity, but will never request your password, credit card details (like card number, expiry date, CVV or PIN) or ask you to install remote access tools such as AnyDesk. They will also never ask you to transfer money. If something doesn’t feel right, it’s okay to hang up - and reach out to XTB through our official contact channels. We’re here to help.
video_background
HOW SCAMMERS TRY TO TRICK YOU

Scammers can create websites that closely resemble the original. If you don’t pay close attention to the web address or small visual differences, you might end up "logging in" on a fake page - unknowingly giving your login and password to fraudsters.

OUR TIP #1: Always type “xtb.com/en” manually in your browser or use XTB’s official app downloaded from Google Play or App Store.

OUR TIP #2: If you logged in through a suspicious site, change your password immediately on xtb.com. If it’s too late, contact XTB Client Service to block your account.

Cybercriminals often send texts or emails claiming, for example, that a transaction was made on your account and must be confirmed via a link. That link leads to a fake site where, if you enter your login and password, scammers gain access to your real accounts. They may also use other excuses - like service issues or impersonating government institutions with fake alerts.

OUR TIP: SMS sender names can be faked. Be cautious with unexpected messages and never click on links - even if they look almost identical to official addresses.

Scammers often reach out from unknown numbers, pretending to be a friend who’s lost their phone and urgently needs help. A broken car, a blocked credit card, a sick child - whatever the story, pause and think before sending any money.

OUR TIP: Try contacting your real friend through another channel to confirm it’s really them. If the message feels pushy or suspicious, report the account and block the number.

If you use the same password for your email, social media, online stores, streaming platforms, subscriptions and financial services, you’re putting all your data and money at risk. A single hacked database can open the door to all your accounts. After breaching a website, cybercriminals often upload thousands - or even millions - of stolen credentials to the darknet, where others can buy and exploit them.

OUR TIP: Always use different passwords for different accounts and services. To make this easier and more secure, consider using a trusted password manager.

Many people use very simple passwords like “Password1!” or “12345678!”, or they include personal information such as their name or date of birth in it. Once a hacker gets hold of your personal data, it becomes much easier for them to guess your password.

OUR TIP: Create a complex password using a mix of uppercase and lowercase letters, numbers in a random sequence and special characters - sometimes replacing letters to make it easier to remember. Avoid using your name, surname, birthdate or any other personal data you provide during registration.

Please be aware that XTB will never contact you via WhatsApp, Facebook, Messenger, or any other social media platforms or groups.

 

We have recently been informed that scammers are impersonating XTB representatives and reaching out to individuals through these channels. These are fraudulent attempts.

 

Official XTB representatives will only contact you via phone and will never ask for your card numbers or sensitive financial information.

 

If you receive any suspicious messages, please report them to us immediately.

Get in touch with us

If you need help or something doesn't feel right

If you have any doubts, questions or notice anything unusual, don’t hesitate to reach out. Our Client Service team is here to help you and ensure your account stays safe.

Please get in touch here: uksales@xtb.com 

XTB Online Trading