Groups of fraudsters from Greece and abroad target users to extract or steal their login details to the banking systems. These groups communicate directly with users either by e-mail or by texting on their mobile phone or by calling them directly on the phone. Their aim is to pretend to be representatives of the Bank, an Authority, a legitimate company or someone from the wider social circle of the users in order to deceive them.
Usually, fraudsters are in possession of certain information of the user who uses it to “certify” that what they ask for is legitimate. This information may be a Tax Identification Number, an Identity Card or Passport Number and a host of other personal information.
The ultimate goal of fraudsters is to gain the user’s trust to reveal to them their User ID, Secret Code, Credit/Debit Card Number and PIN and, finally, to reveal to them the automated messages with the confirmation codes (OTP) sent to them by the Bank. Having in their possession these data or part of them they can proceed to malicious transactions for their personal benefit, burdening the user financially.
Malicious email
Fraudsters send malicious emails to the general public pretending to come from a reputable company or the victim’s Bank. This email is classified as a phishing email and its main goal is to lead the victim to a fake website that will look like this Bank’s in order to push him to fill in their login details. The email contains links to malicious websites and uses expressions to give the victim the need of urgency e.g. “The account has been locked, please log in to unlock it” or “a suspicious transaction has taken place please log in to the link below to check it out”.
When the user logs in and starts registering on the fake website his login details, the fraudsters record them so that they can use them to connect to the user’s bank account. Then having all the necessary information they proceed to malicious transactions through the user’s account.
The Bank or any affiliates will not ask you by email to enter or confirm or log in to its eBanking platform.
Malicious sms (smishing)
A variant of e-mail deception is the attempt to defraud via a short message or text message on the mobile phone. The purpose of the message is to push the user to follow an infected link or install infected software on their device to steal their private information. Then, having at their disposal the cunning of this information proceed to malicious transactions with the user’s data.
The Bank or any affiliates will not ask you via SMS to enter or confirm or log in to its ebanking platform
Malicious telephone communication (vishing)
The most targeted scam is the phone-based fraud. In this case, the fraudsters communicate directly with the user and pretend to represent the Bank or another company. In most cases they have gathered personal information about the user in order to easily mislead him and gain trust by giving the impression that the call is made by a representative of the Bank or a legitimate company. Their goal is to lead the user to reveal sensitive data to them and use it against them or to push them to perform actions for their own personal benefit. In any case, if you do not know your interlocutor or if you cannot confirm with strong criteria that he is the one he claims to be, immediately stop communicating with him and confirm his details by phone with the Branch of the Bank that serves you.
Do not reply, under any circumstances, when you are asked for details of your accounts, cards or passwords and do not follow links contained in phishing mails or text messages and urge you to log in to the online banking of the Cooperative Bank of Chania.
The Bank or any affiliates will not ask you to disclose or confirm your personal information by phone.
Other Scams
Other noticeable scams:
Scam involving phone calls for “alleged” computer failure. The perpetrators call citizens pretending to be employees of multinational companies and convince them to allow them to install remote connection programs on their computers. With these programs they then derive sensitive information from the victims’ computers and passwords to banking systems.
«SIM Swapping». In cases of SIM Swapping fraud, the perpetrators take advantage of the sim card change feature and pretend to be either the SIM cardholder or someone authorized by the legitimate subscriber, thus trying to deceive the mobile operators and obtain a new card to replace the one the legitimate owner has. As soon as they activate the new card, the old one, which is in the possession of the legal subscriber, is deactivated and so all services (calls, SMS, internet access) are received on the device held by the defrauded offender, enabling them to carry out illegal activities without the knowledge of the legitimate subscribers. (e.g. receiving calls and messages intended for them, stealing single-use codes or security verification messages, etc.).
The Cooperative Bank of Chania demonstrates particular sensitivity to the security of information and communications and constantly ensures to offer the maximum possible security in its digital services to the public. Indicatively, the Bank has adopted full encryption of communications and recording of accesses to its systems. At the same time, for each transaction it requires certification by the user in two different ways using a limited time code sent via SMS or VIBER.
- Αν το κινητό σας σταματήσει να λειτουργεί για ασυνήθιστους λόγους, επικοινωνήστε αμέσως με τον πάροχο κινητής τηλεφωνίας σας. Μερικές φορές μπορεί να χάσετε σήμα λόγω ευρύτερων προβλημάτων που επηρεάζουν την υπηρεσία κινητής τηλεφωνίας. Ωστόσο, εάν χάσετε την υπηρεσία σε μια θέση που συνήθως έχει καλή κάλυψη, είναι ασφαλέστερο να επικοινωνήσετε με τον πάροχο του δικτύου σας και να επιβεβαιώσετε ότι δεν έχει απενεργοποιηθεί η SIM σας.
- Μην αποκαλύπτετε τον αριθμό του κινητού σας τηλεφώνου στα μέσα κοινωνικής δικτύωσης.
- Εγγραφείτε στις υπηρεσίες των οργανισμών που παρέχουν ειδοποιήσεις SMS και ηλεκτρονικού ταχυδρομείου όταν εκτελούνται συναλλαγές σας.
- Μην απαντάτε ποτέ σε άγνωστα μηνύματα ή κλήσεις που σας ζητούν τα στοιχεία λογαριασμών σας και τον καταχωρημένο αριθμό του κινητού σας τηλεφώνου.
- Μην ακολουθείτε συνδέσμους (links) ιστοσελίδων και μην ανοίγετε συνημμένα αρχεία που μπορεί να λάβετε από άγνωστους αποστολείς ηλεκτρονικού ταχυδρομείου. Ελέγξτε προσεκτικά τον αποστολέα καθώς οι δράστες συχνά προσποιούνται νόμιμες επιχειρήσεις και οργανισμούς.
- Μην κοινοποιείτε σε κανέναν και μην εισάγετε σε άγνωστες ιστοσελίδες, τους κωδικούς e-banking σας (username και password) ή αριθμούς καρτών. Επιβεβαιώνετε ότι έχετε επισκεφθεί το επίσημο site της Τράπεζάς σας και θυμηθείτε ότι οι τράπεζες ποτέ και με κανένα τρόπο δεν θα σας ζητήσουν τους κωδικούς σας.
- Ο υπολογιστής και οι συσκευές σας (tablet, έξυπνα κινητά) να έχουν πάντα τις τελευταίες ενημερώσεις λειτουργικού και εφαρμογών. Εγκαταστήστε και έχετε πάντα ενημερωμένο ένα αξιόπιστο πρόγραμμα προστασίας από κακόβουλο λογισμικό.
- Να ελέγχετε συχνά τις κινήσεις των λογαριασμών σας.
- Εάν έχετε πέσει θύμα απάτης τύπου SIM Swapping ή έχετε διαπιστώσει συναλλαγές οι οποίες δεν έχουν την έγκρισή σας ενημερώστε άμεσα την Τράπεζά σας.
- If your phone stops operating for unusual reasons, contact your mobile network provider immediately. Sometimes you may lose signal due to wider problems affecting your mobile service. However, if you lose network coverage in a location that usually has good coverage, it is safer to contact your network provider and confirm that your SIM has not been disabled.
- Don’t reveal your mobile phone number on any social media platforms.
- Sign up for services of organizations that provide SMS and email notifications when your transactions are executed.
- Never reply to unfamiliar messages or calls asking you for your account information and your registered mobile phone number.
- Do not follow links of web pages or open attached files that you may receive from unknown e-mail senders. Carefully check the sender as perpetrators often pretend to be legitimate businesses and organizations.
- Do not share with anyone and do not enter in any unknown websites, your e-banking codes (username and password) or card numbers. You confirm that you have visited the official site of your Bank and remember that banks will never and in no way ask you for your passwords.
- Your COMPUTER and devices (tablets, smartphones) always have the latest operating system and app updates. Install and always have a reliable anti-malware program up to date.
- Check your account statements frequently.
- If you have been the victim of a SIM Swapping scam or you have found transactions that do not have your approval, please inform your Bank immediately.