Everything you need for the security of your transactions

Phishing is the attempt to steal your banking data through misleading e-mails or mobile phone messages from supposedly trusted entities. The main target is the interception of your Digital Banking access codes, as well as your bank account or credit and debit card details.

Messages such as SMS, e-mails or even phone calls (e.g., repairing an "alleged" fault) appear to come from the bank itself or from other trusted organizations and seek to mislead you and extract personal data such as your Digital Banking password and details of your bank accounts or credit and debit cards.

The bank's cotemporary identification systems as well as your proper awareness on these kinds of attempts can protect you from being a fraud victim. The bank will never ask you for your passwords through any form of message and you should never log into Digital Banking through links embedded in any message.

These messages usually include an urgent sign, but having been informed you can identify them, and stay safe.

1. The email does not originate from the National Bank of Greece domain (@nbg.gr), although the communication attempts to indicate that it is related to or originates from it.

2. There are attached files included in the emails (very often files with the extension . pdf,. zip)

3. Poor & incorrect use of the Greek language or grammatical errors are detected.

4. The content of the e-mail/sms/phone call asks you to perform a suspicious action, e.g., to go to a link and enter certain information.

5. The links contain anagrams referring to existing electronic sites, like those of the National Bank of Greece, but without belonging to the bank.

SIM Swapping

A technique in which fraudsters manage to gain access to the victim's personal data in various ways, such as through malicious applications, social media searches, etc. With this data, they deceive mobile operators to obtain a new SIM card to replace the one the legitimate holder has. Once they activate the new card, they can receive all the calls and messages of the legitimate holder to perform illegal activities. See the detailed update from the Hellenic Bank Association.

Smishing

Plain text messages (SMS) sent to the mobile phones of potential victims.

Vishing

The attempt to deceive is made by means of a telephone call. Very common is the attempt to deceive through an alleged repair of the device (e.g., computer, smartphone) of the potential victim by a well-known IT company. In this way, they convince their victims that the device requires intervention (e.g., repair) and install applications that allow them to control the device in order to steal the victims' personal data stored on it.

Pharming (phishing without a lure)

Hackers or some malware installed on the potential victim's computer through the browser, directing them to a virtual website.

Spear phishing

This technique targets specific individuals. Hackers research and focus on specific targets by sending appropriately tailored emails.

Whaling

Targeted e-fishing aimed at "big targets", e.g., CEOs or politicians.

Clone phishing

Advanced jamming technique in real mail. The attacker clones a legitimate email from a trusted source. To the victim, the email or mobile message they receive appears to be a continuation of their conversation but may contain a malicious link.

1. Avoid online scams

If someone calls you from an unknown number and claims to be an employee of a well-known IT company, without you having reported a computer fault, you should terminate the call.

2. Avoid using unreliable software

Never install remote management software that may be suggested by a stranger.

3. Protect your online/social media presence

If your mobile phone stops working for unusual reasons, contact your bank and mobile phone provider immediately. Sometimes you may lose signal due to wider problems affecting your mobile phone service. However, if you lose service in a location where there is usually good network coverage, it is safer to contact both your bank and your network provider and confirm that your SIM has not been deactivated.

4. Enable instant notifications for your transactions

Don't give out your mobile phone number on social media.

5. Protect your devices

Subscribe to organizations’ services that provide SMS and email notifications when your transactions are executed. If you are an NBG Mobile Banking user, you can receive instant notifications on your mobile phone (Push Notifications) for every incoming or outgoing transaction from your accounts and cards.

6. Anti-malware solution

Never reply to unfamiliar messages or calls asking for your account details and your registered mobile phone number.

7. Keep your devices up to date

Your computer and devices (tablets, smart phones/smartphones) should always have the latest operating system and application updates. Install and always keep a reliable anti-malware program up to date.

8. Check your transactions

Check your account transactions frequently.

9. Activate the security features

Use the security features included in your device, such as keypad lock or phone lock when not in use.

10. Delete bank communications

Delete the text messages you receive from the bank, especially if someone else is going to use your device.

11. Keep the bank informed

If you change your mobile phone number, go immediately to the nearest bank branch to register it.

12. Turn off NFC technology

If any of your devices (e.g., smartphone, smartwatch, tablet, etc.) support contactless payments via NFC (Near Field Communications) technology, it is important that the function is disabled when no transactions are made.

If you find that transactions have been made without your approval, please contact us immediately.

Contact the automated Call Center at +30 210 48 48 484 from Greece or abroad for information and support on:

•  Internet, Phone & Internet services Mobile Banking
•  the activation of your card
• any loss:

- of your card

- Internet, Mobile and Phone Banking passwords

- the mobile phone device that you have declared during the registration for the use of the OTP sending service via the Viber application or by SMS

- your SIM card.