Phishing is a method of deception through which electronic messages are transmitted requesting personal identification and authentication data or accessing websites. The most used method is sending alleged emails on behalf of the bank which contains a request to access a link in order to confirm personal data. This link directs you to very similar websites to those of the bank with the intention to steal personal and authentication data. Remember: First Bank never asks its clients to change or confirm personal or authentication data by accessing a link from the content of an email! Be careful at generic messages. Fraudulent messages are, most of the time, impersonal and mixed with grammatical mistakes or of expression etc. If you identify such websites in relation with First Bank, contact the bank immediately.
Smishing (SMS phishing) : this method is used to mislead potential victims in order to steal personal or authentication data. Usually messages are like: “ Congratulations! You won XYZ prize. To get this prize, please send us your personal data/ card details ( card number, expiration date, CVV), etc.” Remember: Do not respond to such requests. Do not send your personal data, card details or authentication data to other people/ phone numbers. If you receive such messages, notify immediately your mobile provider and the Police about the phone numbers from which you received the SMS.
Vishing is phone calling in order to deceive persons into providing personal data or performing operations regarding funds/asset transfers. Most of the time, malicious persons pretend to represent a legitimate company, usually a bank or a mobile provider. Remember: If you receive phone calls from people which request you to provide personal data, transfer the balance from your account to another account because you have been compromised or any other similar situation, hang up the phone and contact First Bank preferably by using another phone than the one that you were called. Be reserved to unknown callers! It is preferably to set all calls from unknown numbers to go to the voicemail.
Malware is a malicious software used to take, without the owner’s consent,personal information from your infected computer/smartphone, such as passwords, bank data and other confidential information. There are many ways for a malware to infect a device, whether it’s a link that directs you to a malicious website, SMS, a social network posting or installing an application from an insecure source. Remember: Always check the authenticity of the websites before logging in, tracking the existence of “https” and a locked lock after the name of the site, color differences or mistakes in the name of the website. More than that, another sign of a secure web page is the green color of the writing in the address bar or of the whole address bar (in case of Internet Explorer). Install a licensed antivirus tool and update it periodically. Scan periodically the device with the selected antivirus. Do not use public and unencrypted Wi-Fi networks. If you are not sure about the security of a website, leave it immediately. Use an updated antivirus which also owns an anti-phishing filter. Email spoofing is the fraudulent activity performed by email, for attempting to obtain personal data, of authentication or device infection by requesting to open a link. Usually, the address of the sender and other properties in the email header (“from”, “reply to” etc.) are modified in order to hide the real address of the sender. Remember: If you receive messages which seems to come from your own account or if you receive a response to an email you did not send, you are probably the victim of a spoofing attack. DO NOT open the emails and delete them as soon as you notice them.
CEO Fraud or Business Email Compromise Fraud is the fraudulent method for malicious persons to intercept email communications between people/ companies. Most of the time, the email compromise fraud occurs during correspondences when hackers instruct a company’s staff to make urgent payments to partner’s accounts, to different accounts than those known and used up to that point. Remember: Permanent verification of data changes of partners and suppliers, namely the address, the name, email address, IBAN account. Confirmation through other channels (phone, other email address etc.) of payment instructions to other IBAN accounts.
Money mules are those people which, for a commission, transfer an amount of illegally obtained money to other people accounts with the intention of losing trace of the beneficial owner.The most targeted persons are unemployed ones, students and, generally, people who have financial difficulties. Remember: Avoid collaboration with people who ask you to make banking operations on their behalf. Do not open a bank account on your name for unknown people. Do not answer to messages and phone calls in which you are promised an amount of money as a commission for making transactions on behalf of other people.
The “accident” method is the one in which people of good faith are called, usually with hidden phone number, by malicious people that recommend themselves as being lawyers/ doctors/ police officers, and are told that a member of the family has suffered an accident and an amount of money is urgently required, usually transmitted by fast money transfer services or by giving money to an intermediary. Remember: Hang up the phone call immediately. Check the information from independent sources. DO NOT transfer money. Call the Police immediately.
False sale ads of products (cars,equipments etc.) at prices too good to be refused, those people which are interested being instructed to transfer money through fast money transfer services (Western Union or Money Gram) as a guarantee or a down payment. Subsequently, they are required to transmit to the seller the supporting documents by email, WhatsApp, etc. and he/she uses the data to create a false ID and at the same time, uses the reference of the transaction to withdraw the money and so, the buyer of good faith is deceived and never comes into the possession of the desired asset.