Frequently Asked Questions and Answers about Electronic Payment and Investment Fraud

Question 1: I have recently been receiving phone calls, emails and SMS messages from unknown numbers. The people contacting me claim to be calling about Power Pass or Fuel Pass allowances, the tax lottery, tax refunds, and so on. They even claim to be accountants or employees/representatives of the Tax Office, gov.gr, DEDDHE, EFKA, OPEKA or OAED, etc. and ask for details about my bank accounts. I did not trust those who called me, nor did I click on any links in emails or text messages, nor did I provide any details. Did I do the right thing?

Answer: Yes, you did the right thing. These are attempts at fraud. Had you continued, the fraudster would have asked you for your e-banking login details and tried to transfer money from your accounts. You should never disclose your e-banking passwords, card details or one-time passwords (OTPs).

Question 2: Over the last few days, I have received several emails and text messages. These messages inform me that ‘suspicious activity has been detected’ on my account or card, or that my account or card has been ‘locked or deactivated’. The messages contain a link and urge me to follow the provided instructions immediately in order to resolve the issue and regain access.

Answer: These messages ARE NOT from your bank. In fact, sometimes they appear to be sent by a bank with which you do not even have an account. They are phishing messages designed to trick you into entering your online banking passwords, card details and the one-time passwords (OTPs) that you receive for transaction approval.

The answer to all these malicious attempts is simple. Never give your personal details to anyone who asks for them. Your bank will never ask you for such information.

Question 3: I recently posted an online ad to sell a personal item. I received a call from someone I didn’t know who said they were interested in buying it without having seen or checked it. However, they asked me for my card details or e-banking codes so they could deposit the money into my account. Should I give them my details? Can I trust them?

Answer: No, you shouldn’t. To deposit money, you only need to provide your IBAN. Never reveal your online banking codes, card details or any one-time passwords (OTPs) that you receive.

If the buyer claims to have deposited money into your account, check the exact amount yourself via your eBanking. Do not rely on any deposit receipts they show or send you. They may be fake.

Question 4: I recently received a phone call from someone abroad who spoke to me in English. They said they were a technician from a large IT company and that my computer had been infected with malware. They said they could fix the problem. I didn’t believe him and ended the call. Was this the right thing to do?

Answer: Yes. This was an attempt at fraud. Had you continued the conversation, he would have asked you to install remote access software, which would have given him complete control over your computer. Then, under the pretext of fixing the problem, the scammer would ask you for your online banking login details and try to transfer money from your accounts. Never trust your computer to strangers. If you receive a call from an unknown number, especially from abroad, from someone claiming to be from an IT company, and you have not reported a problem with your device, hang up. Never install remote management software recommended by someone you don’t know.

Question 5: I have been asked to act as an intermediary in a money transfer and have been offered a fee for depositing money into my account. Is there a problem with this? Is it illegal?

Answer: Yes, it is illegal. If you are approached via email, social media or classified ads and asked to transfer money (which will have been deposited into your account beforehand) to third-party accounts in other countries, or to withdraw it from an ATM or bank branch and give it to them, keeping a percentage as commission, be aware that they are trying to deceive you into mediating the transfer of illegal money (money muling), which is punishable by law.

Therefore:

• Do not agree to act as an intermediary in the transfer of money from other people, usually strangers.You may suffer serious consequences as you are involved in illegal activities, whether you realise it or not.
• If you receive a suspicious email, do not reply or follow any links provided.
• Cross-check the details of the company offering the job and its contact details, especially if it is based abroad.
• Never give your bank account details to anyone unless you have a long-standing relationship with them or they are a close family member.
• If you believe that you have been involved in an illegal money transfer, do not make any further transfers that may be requested of you. Notify your bank, the service through which you made the transaction and the police immediately.

Question 6: What should I generally do to avoid becoming a victim of online fraud?

Answer: Your bank has posted useful tips on its website to help you avoid becoming a victim of fraud.

In any case, the following basic guidelines will help you to conduct your online transactions as securely as possible:

• Type in your bank’s web address yourself to access its online banking services. Do not follow search engine results.
• Make sure you are navigating within the bank’s secure environment. Check that the link you are entering (https://www.….… gr) corresponds to your bank’s web address. Click on the padlock icon to check that the connection is secure.
• Carefully check that the transaction described in the bank’s message (e.g. via SMS, Viber or the mobile app) matches the one-time OTP code before confirming it.
• Avoid using public or shared networks.
• Never save your passwords on any of your devices.
• Change your passwords at least every six months.
• Enhance the security of your devices by keeping your anti-malware software up to date and regularly updating your operating system.
• Check that the email addresses you receive correspond to the name of the person listed as the sender, especially if a) they are in your contact list, b) it appears to be from your Βank or c) another well-known company providing products and services.
• Ignore and delete dubious messages that you receive on your electronic devices and applications, and do not follow links to websites.
• Do not disclose confidential information such as usernames, passwords and your card details (card number, CVV, PIN), OTP (One-Time Password) and other numeric codes to third parties (e.g. interested buyers or potential customers) via telephone, mobile phone, email, online forms, social media or other means.
• Always use the most up-to-date versions of Internet browsers (e.g. Chrome, Microsoft Edge), as these have advanced security features.
• Contact your bank immediately if you suspect that your security codes have been compromised.

Question 7: I have recently been receiving frequent phone calls from unknown numbers. During these calls, a supposed representative of an investment company offers me ‘tailor-made’ investment opportunities with quick and guaranteed returns. Should I trust them with my money?

Answer: Be careful — there is a serious risk of fraud.

• Do not trust anyone who promises safe investments with high, quick and guaranteed returns.
• If you wish to make an investment, first make sure that the company is licensed by the Capital Market Commission or another European authority.Ensure it is covered by the Deposit and Investment Guarantee Fund (TEKE), participates in the Guarantee Fund, or is safeguarded by another foreign body. Visit the following websites:
  • www.hcmc.gr
  • www.ethe.org.gr
  • www.smexa.gr
  • https://www.syneggiitiko.gr/

Question 8: If I fall victim to online fraud, can I contact another agency directly after reporting it to my bank? Also, is there an agency I can contact if I fall victim to investment fraud?

Answer: Yes, you should report the fraud in both cases:

• to your nearest police station;
• to the Hellenic Police’s Cyber Crime Division

– Telephone: 11188
– Fax: 213-1527471
– Email: ccu@cybercrimeunit.gov.gr
– via the portal at: https://goo.gl/vOHdVb
– Postal address: 173 Alexandras Avenue, P.C. 11522, Athens

Question 9: I recently saw a campaign on television and heard it advertised on the radio. The campaign aimed to inform the public and raise awareness of electronic fraud, and its slogan was “One Pause is Enough to Avoid Electronic Fraud”. Where can I find more information about this campaign?

Answer: You can visit the Hellenic Bank Association (HBA) website (https://www.hba.gr/info/PhishingCamp) for more information about the campaign, which is a collaboration between the Ministry of Citizen Protection, the Bank of Greece, the Hellenic Police and the Hellenic Bank Association. The campaign began at the end of 2021 and continues into 2022.

Question 10: Where can I find more information on the different types of electronic and investment fraud?

Answer: The Hellenic Bank Association’s (HBA) website contains all the material from the various public information and awareness campaigns on electronic fraud, including:

• the campaign concerning fraud in cyberspace (CyberScams);
• the campaign concerning illegal money transporters (European Money Mule Action – EMMA).

Furthermore, as part of its ongoing efforts to inform and raise awareness among consumers, the HBA website contains useful announcements on various types of fraud, such as SIM card swapping, ‘fake technical support‘ scams and telephone scams.

Further advice on how to avoid scams is available via a dedicated banner on the Greek Police website (www.hellenicpolice.gr). Information and advice on cases of electronic fraud can also be found on the Cybercrime Division website (www.cyberalert.gr).