Phishing is the malicious attempt of fraudsters to intercept personal data such as internet banking credentials, PIN numbers for credit/ debit cards, passport numbers, ID numbers, VAT numbers, etc
Phishers send massively e-mails to random e-mail accounts of unsuspected receivers, and either
or
- by trying to persuade them that it is necessary,
they ask them to click on a link that exists in the body of the e-mail.
This link leads to sites created by the phishers that look like the official Banks’ sites, in order to mislead the users in typing their personal data.
You can protect yourselves from Phishing by:
- avoiding to open e-mails from unknown senders
- not giving your credentials and your personal data to sites of organizations of which you have no knowledge
The term “Malware” (malicious software) stands for the programs that can be installed in your computer or your mobile phone without you realizing it, in order to intercept sensitive information and perform non authorized actions, or, generally, to take control of your device without your knowledge.
Malware that aims to intercept data constantly monitors the sites you visit and if it detects that these sites concern a certain Bank, it secretly starts to record in a local file anything you type (Username, Passwords etc). If needed, it can also save a snapshot/ image of the site. Afterwards, Malware automatically sends all the recorded data (usually as attachment of an e-mail) to its creator. The sent data may be either used directly by the creator of the Malware or sold to a third party.
The most common tactics for installing the Malware are the following:
- as attached files at e-mails - fraudster send e-mails that try to trick you to follow a site by downloading a piece of software or to open an attachment that subsequently installs a Trojan.
- as free software (e.g. games movies, music)
You may protect yourselves from Malware by:
- avoiding opening e-mails form senders unknown to you
- being very careful where you download files from
- installing special programs for protecting your devices (anti-virus. anti-spyware etc) and updating them regularly
- regularly upgrading your programs (operating systems, browsers etc) to their last edition
Vishing (VoicePhising) aims to intercept your personal data just like phishing, but is accomplished via VoIP (Voiceover IP), landline phone or mobile phone.
The prospective victim receives a message (usually recorded) about suspicious activity that has been detected at an account or credit card of his/hers. The victim is asked to call a certain number and enter personal data in order to “confirm” or “reject” the suspicious transaction.
You may protect yourselves from Vishing by not responding to such requests, given the fact that the Bank will never address requests of this kind to you. Furthermore, you should contact the Bank by calling at the appointed phone numbers (182838 or 210 3288000).
A phishing attempt sent via SMS (Short Message Service) or text message to a mobile phone or device. This tactic is also referred to as smishing, which is a combination of SMS and phishing. The purpose of text message phishing is the same as traditional email phishing: convince recipients to share their confidential information.