The increased use of the internet and electronic services has maximized the opportunities for the commission of new forms of fraud by scammers aiming to steal your personal information, your money, or both.
The Ministry of Citizen Protection, the Bank of Greece, the Hellenic Police, and the Hellenic Bank Association join forces to inform and raise awareness among the public about protection from electronic fraud. We also participate in this campaign by providing relevant information and guidance on ways to protect our customers.
The following are the most common fraud cases categorized, protection methods, and actions you can take if you suspect you have fallen victim to fraud:
Deception attemps under the pretext of approved government allowances
Scammers contact unsuspecting citizens either by phone from unknown numbers or through emails/SMS, pretending to be representatives of government agencies. They claim that the reason for the communication is the approval of allowances such as Power Pass, Fuel Pass, tax refunds, etc. They assert that they are accountants or employees/representatives of various government entities like the Tax Office, gov.gr, Power companies, EFKA, OAED, etc. They request various details related to bank accounts. You should be extremely suspicious and never disclose your eBanking passwords, card details, or any one-time passwords (OTP).
You should be particularly cautious of messages informing you about alleged issues with your accounts, cards, or eBanking
If you suspect any issue with your accounts or cards, go directly to the eBanking platforn or the Chaniabank Mobile App without following any links.
Notice if the message is personalized or if it contains errors and inaccuracies. Fraudulent messages are usually sent in bulk and do not include the customer’s name or the account affected by the alleged issue. Additionally, there are often spelling or grammatical errors. These are signs that it may be a scam.
Carefully check the description of the messages (SMS, Viber) you receive along with the One-Time Password (OTP) for transaction approval.
Activate the notification service to stay informed about your products activity. This way, you will receive emails or SMS immediately after a transaction is made on your account or card.
Frauds through advertisements for buying or selling products
Scammers make phone calls pretending to be interested in purchasing a product advertised by someone. They ask the seller to provide them with credit card details or eBanking codes, including the One-Time Password (OTP) that the seller receives on their mobile at that moment, claiming that they will deposit the money.
Furthermore, scammers may try to convince the seller that they have paid for the product, often showing a fake money transfer certificate or claiming to have deposited more money, supposedly by mistake, and requesting a refund of the difference. They usually allege that they accidentally entered an extra zero while typing the amount (for example, €5,000 instead of €500) and send a fake deposit receipt to prove their claim, asking the seller to return the difference.
In other cases, scammers post fake advertisements online for the supposed sale of products. They deceive the interested buyer, who sends the money but never receives the purchased item.
For making a money deposit, it is sufficient to provide your IBAN. Never disclose your passwords or personal and financial information, even if someone claims that they will deposit money into your account. (You can use the following “FIND IBAN” tool to verify an IBAN)
Verify the exact amount that the buyer deposited into your account through your eBanking. Do not rely solely on any deposit receipts that may be shown to you.
Attempted involvement in the illegal transfer of money (money muling)
Scammers ask someone to act as an intermediary in money transfers, offering a percentage of the money as compensation. They typically request only the IBAN of the account for the money deposit. Subsequently, they ask the victim either to give them the money by making a withdrawal from an ATM or a branch or to transfer it to another person’s account.
This practice is known as money muling and is criminally prosecuted.
Do not agree to act as an intermediary in the transfer of money from other individuals, especially those unknown to you. You may face significant consequences, as getting involved in such activities, whether knowingly or unknowingly, could lead to legal repercussions.
You can find more information about money muling:
- at the Europol website
Scam through a call for a 'supposed' computer issue
Scammers call unsuspecting citizens and pose as technicians from a major IT company. Claiming that their computer and/or mobile device is ‘infected’ with malicious software, they request to install remote access software for the supposed repair or restoration of the problem.
Once these applications are installed, the perpetrators gain complete control over the electronic devices of unsuspecting citizens, whom they then deceive into providing their personal banking access details (username, password, etc.) and the one-time passwords (One-Time-Password/OTP) they receive. Subsequently, the criminals proceed to transfer money from the victims’ bank accounts (e-banking) to bank accounts they control or those of their accomplices.
Do not disclose your personal information and terminate the call.
Check tips from the Hellenic Bank Association for recognizing and protecting against alleged technical support.
Possible scams through email / SMS / phone calls
Groups of scammers from Greece and abroad target users to extract or steal their login credentials for banking systems. These groups communicate directly with users either through email, written messages on mobile phones, or by calling them directly. Their goal is to impersonate representatives of a bank, an authority, a legitimate company, or someone from the user’s broader social circle in order to deceive them.
Usually, malicious actors have certain information about the user which they use to ‘authenticate’ that what they are requesting is legitimate. This information may include the Tax Identification Number, ID or Passport Number, and various other personal details.
The ultimate goal of these malicious groups is to gain the user’s trust to reveal their Username, Password, Credit/Debit card number, and PIN, as well as the automated messages containing confirmation codes (OTP) sent by the bank. Having this information, they can proceed with malicious transactions for their personal gain, financially burdening the user.
If your mobile phone stops working for unusual reasons, contact your mobile service provider immediately. Sometimes, you may lose signal due to broader issues affecting the mobile service. However, if you lose service in an area that usually has good coverage, it is safer to contact your network provider and confirm that your SIM card has not been deactivated.
Do not disclose your mobile phone number on social media.
Register for the services provided by organizations that offer SMS and email notifications for your transactions.
Never respond to unknown messages or calls that ask for your account details and the registered number of your mobile phone.
Do not follow website links or open attachments from unknown senders. Verify the sender carefully, as attackers often impersonate legitimate businesses and organizations.
Do not disclose your e-banking passwords (username and password) or card numbers to anyone, and do not enter them on unfamiliar websites. Confirm that you have visited your bank’s official site, and remember that banks will never ask for your passwords in any way.
Ensure that your computer and devices (tablet, smartphones) always have the latest operating system and application updates. Install and keep an updated reliable antivirus program to protect against malicious software.
Check your account transactions regularly to monitor for any unauthorized or suspicious activity.
If you have fallen victim to SIM swapping fraud or have noticed unauthorized transactions, promptly inform your bank.
Get information about identity theft from the Hellenic Bank Association:
Possible scams through malicious links (URLs)
Deception through Search Engine: Fraudulent groups have observed that several users of banking applications tend to connect to them through search engines (Google, Bing, Yahoo, etc.). Instead of typing the address of the banking application directly into their browser or using the “Favorites” (Bookmark) function, users search for it on a search engine. Then, users choose the first result returned by the search engine to log in to the application by entering all the necessary access fields such as username, password, and possibly a one-time passcode (OTP). Malicious actors take advantage of this user behavior by displaying malicious links in the top search results, leading to deceptive websites that mimic those of banks. This way, they deceive users into thinking they are in the secure environment of the bank and steal their login credentials.
Deception through Email or SMS: Fraudulent groups may send messages via email or SMS to users containing a hyperlink to their deceptive malicious website. Malicious actors encourage users to follow these hyperlinks, which lead to fake websites. In this way, they deceive users into thinking they are in the secure environment of the bank, leading to the theft of their login credentials.
Do not use search engines to access your banking applications.
Save the websites of your banking applications in your browser’s bookmarks, or type the address directly if you remember it. The recommended procedure for accessing eBanking at Cooperative Bank of Chania is to connect to the bank’s homepage (https://www.chaniabank.gr/), which you should save in your bookmarks, and then follow the hyperlink in the upper right corner of the page that securely directs you to the online banking environment.
Always verify that the address of the website you have connected to, presenting the login fields for the banking application, is that of the bank (https://identity.chaniabank.gr/).
Always ensure that your connection is encrypted. You should see in the address bar that it uses the https protocol and not http ( httpS://identity.chaniabank.gr/)
Check the digital certificate of the website to ensure it belongs to the organization. You can do this by clicking on the padlock icon in the address bar, which will provide you with relevant information.
Deactivation of e-Banking Account
A new feature that contributes to your protection from online frauds is the ability to deactivate your account automatically and independently. This provides an additional level of security and control.
Deactivating the account through e-Banking allows users to take quick action in response to any security threats or suspicious activities on their account. If a user observes suspicious transactions or believes that their account has been compromised, they can easily deactivate their account without the need to contact the bank.
The process of deactivating the account is simple and secure. Through the Chania Bank e-Banking website, the customer will find the option “DEACTIVATE” and follow the steps below to confirm the process:
-Enter the phone number
– Enter the Tax Identification Number
-User verification through OTP code
The account can also be deactivated through the ChaniaBank Mobile App under the “SETTINGS-SECURITY” menu.
The deactivation of the account will be immediate. To reactivate the account, the user will need to repeat the initial registration process using their debit card or visit a Chania Bank branch.
I am a victim of electronic fraud. What can I do?
You should inform the bank if you suspect or have been a victim of fraud. You can use one of the following methods:
By calling the eBanking support fo Cooperative Bank of Chania at 2821025500 (option 2) or by visiting your service branch.
Send an email to: support@chaniabank.gr
Completing the contact form and selecting “Electronic Fraud” as the subject.
Visit your service branch
In case of losing your mobile device, the necessary actions you need to take to ensure the security of your bank account are as follows:
Login to your account from an authorized computer using a web browser to proceed with deactivating your account.
To change the phone number for receiving one-time passwords, you need to visit one of the bank’s branches.
If you have been a victim of electronic fraud, the necessary actions you need to take to ensure the security of your bank account are as follows:
Log in to your account from a computer using a web browser and proceed to change your username and password.
Log in to your account from a computer using a web browser and proceed to remove your registered devices.
Log in to your account from a computer using a web browser and proceed to disable your account. If you have more than one profile activated, you will need to deactivate all of them to disable your account.
Useful videos for protection against fraud. (in Greek)
Protect your Identity
Protection against scams with the pretext of technical support.
What it money muling?