Phishing (online scam) is a form of digital attack that is carried out mainly via emails from supposedly trusted sources. Cybercriminals’ ultimate goal is to mislead potential victims and steal personal data, bank account or credit/debit card details, login credentials etc.
During the COVID-19 pandemic, fraudulent attempts to extract personal and financial information or passwords have increased significantly. In many cases, a seemingly harmless e-mail, SMS or phone call may be hiding a well-organized digital phishing attack.
Within a broader cyber threat management framework, NBG seeks to increase its customers' vigilance and help them to identify, and then manage as best as possible, such attacks.
• SIM Swapping
A technique in which the fraudsters first obtain the victim's personal data in various ways, for example through malicious applications or social media searches. With that data, they deceive the mobile phone service provider into issuing a new SIM card to replace the one held by the rightful holder. Once they activate the new card, they receive all of the rightful holder's calls and messages and can use them to carry out illegal activities. See here detailed information by the Hellenic Banking Association.
• Smishing (SMS phishing)
Fake text messages (SMS) are sent to potential victims' mobile phones.
• Vishing (voice phishing)
The attempt to deceive is made over the phone. A common example of a vishing attempt is a supposed repair of the potential victim's device (e.g. computer, smartphone) by a well-known IT company. The fraudsters convince their victims that the device requires some kind of intervention (e.g. a repair) and install applications that give them control of the device, in order to intercept the victim's personal data. See here detailed information by the Hellenic Banking Association.
• Pharming (phishing without a lure)
Hackers, or malware installed on the potential victim's computer through the browser, redirect the victim to a fake website that imitates the real one.
• Spear Phishing
This technique targets specific individuals. Attackers research their targets and send them appropriately tailor-made e-mails.
• Whaling
Targeted phishing aimed at high-profile targets, such as CEOs or politicians.
• Clone Phishing
Advanced technical interference in an actual e-mail correspondence. The attacker clones a legitimate e-mail message sent by a trusted source. The victim receives an e-mail that appears to be a reply in the existing conversation, but it may contain malicious links.
Typical signs of a phishing attempt:
1) The e-mail does not come from the domain (@nbg.gr) of National Bank of Greece, but it appears to be related to or originating from it.
2) Attachments (very often files with a .pdf or .zip extension).
3) Poor or incorrect use of language, or grammatical errors.
4) E-mails/SMS/phone calls that ask the user to take some sort of action that seems suspicious, such as clicking on a link and passing on specific information.
5) The links contain anagrams that resemble existing NBG links, but do not belong to its domain.
• The attacker sends an e-mail which can be very similar to the messages that banks send to their customers. It uses terminology that creates a sense of urgency. It copies the logo, features and style of actual e-mail messages. It may contain an attachment that the recipient is requested to download, or a link to click on in order to be transferred to the "Bank's environment" to complete the requested actions.
• The user receives the Phishing e-mail with the “infected” link.
• The link connects the user with a website created by the attacker.
• Following a request, the user enters personal/corporate data into the website.
• The website, which has been created by the attacker, stores said data.
• The attacker gains access to the data entered by the user.
• The attacker uses and processes the user’s data to his benefit.
• The attacker gains access to the user’s accounts.
Pay special attention to:
• E-mails from unknown/untrusted sources.
• E-mails that require some unusual action, even from people you may know.
An e-mail is "suspicious" when it contains:
• Anagrams or spelling errors in the sender's address.
• Non-existent names and addresses (e.g. email@example.com, firstname.lastname@example.org).
• A demand for immediate action on your part, or a threat to deactivate your accounts.
• No greeting addressed to you by name, or spelling errors in the text.
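The two warning signs that can be checked mechanically, a sender outside the bank's own domain (@nbg.gr) and links whose names resemble nbg.gr without belonging to it, are easy to turn into a small filter. The following is an added example written for this page, not NBG's code or any product of the Bank; the bank domain comes from the text, while the sample messages, the homoglyph table and the helper names (`check_message`, `looks_like_bank`) are constructed for the demonstration.

```python
"""Flag sender addresses and links that imitate a bank's domain.

Added example, not the Bank's own code. It encodes two warning signs from the
text: the sender is not in the bank's domain (@nbg.gr), and links use lookalike
names that resemble nbg.gr without belonging to it. Sample messages in the demo
at the bottom are constructed for this example.
"""
import re
from urllib.parse import urlparse

BANK_DOMAIN = "nbg.gr"  # the only domain the page names as legitimate

# Characters commonly swapped for visually similar ones in lookalike names
# (constructed list; extend as needed).
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "rn": "m", "vv": "w"}


def normalise(label):
    """Fold common lookalike substitutions so 'nbg-0nline' compares as 'nbg-online'."""
    label = label.lower()
    for fake, real in HOMOGLYPHS.items():
        label = label.replace(fake, real)
    return label


def host_of(url):
    """Return the lower-cased host of a URL (a scheme is added if missing so urlparse works)."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def belongs_to_bank(host):
    """True only for the bank's domain itself or a subdomain of it (not 'nbg.gr.evil.example')."""
    return host == BANK_DOMAIN or host.endswith("." + BANK_DOMAIN)


def edit_distance(a, b):
    """Levenshtein distance; small and self-contained to avoid a dependency."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def looks_like_bank(host):
    """Lookalike test: the bank's name is a label of the host, a label is one edit away,
    or the name is embedded somewhere in the host once dots and dashes are removed."""
    bank_label = BANK_DOMAIN.split(".")[0]
    folded = normalise(host)
    for label in re.split(r"[.\-]", folded):
        if label == bank_label or (label and edit_distance(label, bank_label) == 1):
            return True
    return bank_label in folded.replace(".", "").replace("-", "")


def check_message(sender, urls):
    """Return a list of warning strings for one e-mail; an empty list means no sign was found."""
    warnings = []
    sender_host = sender.rsplit("@", 1)[-1].lower()
    if not belongs_to_bank(sender_host):
        if looks_like_bank(sender_host):
            warnings.append(f"sender domain '{sender_host}' imitates {BANK_DOMAIN}")
        else:
            warnings.append(f"sender domain '{sender_host}' is not {BANK_DOMAIN}")
    for url in urls:
        host = host_of(url)
        if not belongs_to_bank(host) and looks_like_bank(host):
            warnings.append(f"link host '{host}' imitates {BANK_DOMAIN}")
    return warnings


if __name__ == "__main__":
    # Constructed sample messages: one genuine-looking, one with a lookalike sender and link.
    samples = [
        ("alerts@nbg.gr", ["https://www.nbg.gr/en"]),
        ("security@nbg-secure-login.com", ["http://nbg.gr.verify-account.example/login"]),
    ]
    for sender, urls in samples:
        print(sender, "->", check_message(sender, urls) or "no warning signs")
```

The check deliberately treats only `nbg.gr` and its subdomains as legitimate, so a link such as `nbg.gr.verify-account.example` is flagged even though it starts with the bank's name: the part that matters is the end of the host name, not the beginning. An empty result is not proof that a message is genuine; it only means these two signs were absent.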
1) If someone calls you from an unknown number, especially from abroad, and claims to be with any IT company whatsoever, while you have not reported any computer damage, you should end the call.
2) Never install any remote management software suggested by strangers.
3) Do not, for any reason whatsoever, disclose to any third parties your Internet Banking login credentials, the one-time passwords (OTP) you receive via Viber or SMS, or your personal and financial details.
4) If your mobile phone stops working for unusual reasons, contact your mobile service provider immediately. In some cases, you may lose signal due to wider problems affecting your mobile service. However, if you do not get service, even though you are located in an area that usually has good signal coverage, it is safer to contact your network provider and confirm that your SIM has not been deactivated.
5) Do not disclose your mobile phone number on social media.
6) Subscribe to your bank’s services which provide secure SMS and e-mail notifications when your transactions are executed. If you are a user of NBG’s Mobile Banking, you can receive push notifications on your mobile phone for any incoming or outgoing transaction carried out on your accounts or cards.
7) Do not ever reply to messages or calls from unknown senders asking for account information and your registered mobile phone number.
8) Do not click on any website links and do not open any email attachments sent from unknown senders. Check the sender thoroughly, as the perpetrators often pretend to be legitimate businesses and organizations.
9) Your Internet/Mobile Banking credentials (username and password) or your card number are not to be disclosed to anyone or entered in unknown websites. Make sure you are inside your Bank’s official site and remember that Banks will never and by no means whatsoever ask you to disclose your passwords.
10) Make sure that your computer and other devices (tablets, smartphones) always use the most up-to-date software and applications. Install and always update a trustworthy malware protection program.
11) Regularly check your account statements.
If you suspect that you have been the victim of a phishing attack, have detected a suspicious e-mail/phone call/SMS, or have discovered transactions made without your approval:
• You should immediately call NBG's Contact Center at +30 210 48 48 484 and report all necessary details regarding the incident.
• Alternatively, please visit NBG’s website.
• For more details on tackling cybercrime and common cyber scams, you can visit the websites of NBG, the Hellenic Bank Association, Europol, the European Commission, ENISA and CERT-EU which have joined forces in an effort to keep the public updated at all times.