Known scams and how to protect yourself

Phishing

Malware

Malware are programs that can be installed on your computer or mobile device without your knowledge in order to intercept sensitive information from your device and perform unauthorized actions or generally gain control of the device without your knowledge.

Malware that aims to intercept data constantly monitors the websites you visit and if it detects that these sites concern a certain bank, it starts to secretly record everything you type (username, password, etc.) in a local file. It can even save a snapshot/image of the site. After the user completes the process, it automatically sends all the data recorded (usually attached to an e-mail) to its creator. The sent data may be used directly by the creator of the malware or sold to a third party.

The most common malware installation tactics:

• E-mail attachments: fraudsters send e-mails trying to trick you into following a website by downloading a piece of software or opening an attachment that subsequently installs a Trojan.
• Free software downloads (e.g. games, movies, music).

How to protect yourself from malware

• Don't open e-mails from unknown senders.
• Be careful where you download files from.
• Install special protection programs for your devices (anti-virus, anti-spyware, etc.) and update them regularly.
• Regularly update your programs (operating systems, browsers, etc.) to the latest version.

Vishing

Known as vishing, or voice phishing, this tactic is a phishing attempt made through a telephone call or voice message. Fraudsters may have the ability to spoof their caller ID so it could appear that the telephone call is coming from the bank or from a global corporation. Fraudsters may also have the identifying customer information, such as your name, which they may use to make the call appear "authentic". They target the sensitive data extraction that may be disclosed by the victim. These will by his "consent" be used against him.

How to protect yourself from vishing

• If you don't know the caller, please end the call and confirm the caller's details with Piraeus Bank's contact center at 210 32 88 000, 24 hours a day from your mobile phone or land line with charges applied according to your plan with your telecom operator.
• Don't respond to requests for your account, card or password details and do not follow links contained in phishing e-mails or text messages that encourage you to log in to Piraeus e-banking.
• You can identify the official website of the bank and Piraeus e-banking by the security lock at the beginning of the search bar. 
• Forward the "suspicious" e-mail or SMS to the bank at fraudrisk@piraeusbank.gr.

Smishing

Smishing is a phishing attempt via SMS (Short Message Service) or text message on your mobile phone or device. The purpose of the text message phishing is the same as traditional e-mail phishing, i.e. to convince recipients to share their confidential information.

How to protect yourself from smishing

• Don't open SMS from unknown senders.
• Don't give your passwords and personal information to sites you don't know which organisation they belong to.

Mobile/PC vishing

Scammers call unsuspecting customers pretending to be representatives of well-known IT companies. They convince customers that their computer needs repair or cleanup and install applications to remotely control their devices (PC, tablet, mobile phone), thus obtaining their e-banking credentials.
 

How to protect yourself from mobile/PC vishing

• Don't answer unknown phone calls, especially if they come from abroad.
• Don't install applications when indicated by strangers.
• Don't allow remote access to your electronic devices (PC, tablet, mobile phone).
• Don't share your e-banking credentials (username and password) or card numbers with anyone and don't save them on unknown websites. Confirm that you have visited the official Piraeus Bank website. Banks never and in no way ask you for your credentials via e-mail or SMS.
• Install special protection programs for your devices (anti-virus, anti-spyware, etc.) and update them regularly.
• Regularly update your programs (operating systems, browsers, etc.) to the latest version.
• If you fall victim to fraud, end the call immediately and contact the bank.

SIM swapping

It refers to a fraud where perpetrators initially steal e-banking credentials, usually through a phishing e-mail or through malicious software (trojan/malware) installed on the victim's computer. They then proceed to unauthorized replacement/exchange of the customer's mobile SIM card in order to gain access to mobile services (calls, SMS, push notifications). In this way, the perpetrators gain access to one-time passwords or security verification messages, in order to complete the money interception.

How to protect yourself from SIM swapping

• If your phone stops receiving or making calls for an unusual reason, or if you lose signal in a location that usually has good coverage, contact your network provider and confirm that your SIM has not been deactivated.
• Don't disclose your mobile phone number on social media.
• Subscribe to the services of organisations that provide SMS and e-mail notifications when your transactions are executed.
• Don't share your e-banking credentials (username and password) or card numbers with anyone and don't save them on unknown websites. Confirm that you have visited the official Piraeus Bank website. Banks never and in no way ask you for your credentials via e-mail or SMS.
• Check your account transactions frequently.
• If you fall victim to SIM Swapping fraud or find transactions that don't have your approval and contact the bank immediately.