SOS for attacks on bank accounts - Massive "fishing" by fraudsters - Economikos Tachydromos

The phones of law firms have been on fire recently from citizens who have fallen victims of phishing, a phenomenon of electronic fraud that is on the rise, in which the perpetrators imitate trusted entities (banks, public organizations) in order for the target victims to reveal sensitive information, such as e-banking codes, so that they can then fish from these accounts, within a few seconds, large sums of money.

Tens of thousands of phishing emails in the last 5 months in which attackers impersonate digital government services such as gov.gr (for an alleged tax refund), or subsidy policies such as Market Pass, Power Pass (for the disbursement of a next instalment), with thousands of citizens falling for it by revealing their personal data.

They have gone ballistic

"It's very easy to fall for it," a lawyer who is currently handling two such cases comments to NEA. In one case, a civil engineer received a call from a mobile phone number from someone claiming to be from the AADE and asking him to confirm the IBAN in a link sent to him on Viber so that he could receive a refund. From the victim's account, 22,000 euros in two instalments, one of 10,000 euros and one of 12,000 euros, left the victim's account.

The second case concerns an accountant who received a fraudulent email from an alleged bank asking him to update his details to receive a Market Pass instalment, resulting in him entering his e-banking codes and losing €38,000. Usually, the money is transferred to an intermediary account and then transferred to another account abroad, with the legal world pointing out that banks, which are aware of their customers' normal transactions, could introduce some kind of "aleert" to temporarily freeze the process until it is clarified whether or not it is a scam, and noting that the profit banks make from commissions on phishing transfers is not inconsiderable.
They strike at the same time

A steep rise in phishing victims of 145% in one year is seen by the president of the International Cyber Security Institute - CSI, Manolis Sfakianakis, referring to a storm of emails to hundreds of thousands of target victims with mass mailings of fraudulent emails and SMS. "The scams that have been going on in the last year are much smarter, more 'hi tech' and aimed at masses. "They 'hit' many people at once and wait to see who will 'bite'. A 3% "bite" in phishing. The number of people deceived every day is over 2,500. The scammers set up "mule" accounts where they direct the victims' money and then transfer it to their own people. How do they find mule accounts? They place ads saying "looking for people to work". They say "give us your bank account, we will transfer money to you, from which you will get 20%. A lot of people cooperate, not knowing that they have a huge responsibility," Sfakianakis notes, calling on people to use common sense, to think before they click, not to open unknown mails and to remember that banks and the state do not send messages asking for IBAN or any other sensitive information.

The bells

The Cybercrime Directorate recorded a more than doubling of phishing cases in 2022 compared to 2021, while there was also an increase in smishing (SMS fraud) and vishing (fraud via phone call) cases. From the Hellenic Police stress that there are elements in an e-mail or SMS which could ring bells to citizens that it is a scam. When, for example, they see grammatical or spelling mistakes, drafting errors or generalities that create a sense of urgency, or when they receive a message from an organisation without having made a request of their own, or when they are asked for sensitive information such as their e-banking password, they should avoid clicking on links or downloading attachments. If they find that they have been a victim of fraud, they should contact the bank and the police authorities immediately to investigate the matter further.