What is Phishing?
Phishing is the attempt by someone to steal your personal information online by pretending to be someone you trust. This scam usually occurs via email, where the sender appears to be official but is not.
The term “phishing” originates from the word “fishing,” as perpetrators “fish” for unsuspecting victims, using fake messages that appear real as bait. Their goal is to get you to reveal information such as passwords, bank card numbers, or other personal data, without you realizing it.
How Does Phishing Work?
Scammers usually set up their “bait” through emails, but also via SMS or even fake web pages. These messages look real. They have logos, an official style, and contain links that lead you to pages that appear (but are not) real.
The goal is to prompt you to enter passwords, bank card details, or other sensitive information. When you do, without you knowing, the information ends up with the scammer.
What Phishing Methods Are There?
Phishing is no longer limited to a suspicious email. Fraudsters are constantly evolving their techniques, exploiting every digital channel we use in our daily lives, and creating new threats.
The most common forms that have been recorded are:
Email phishing
The most common method. You receive an email that appears to come from a bank, government agency, or well-known company. It contains a link and invites you to “confirm” information, “unlock” your account, or “receive” some amount. The link, of course, leads to a fake website that looks authentic, and there…
Smishing (phishing via SMS)
The same tricks, but via mobile messages. You receive an SMS that appears to be from your bank, such as ELTA or a government platform, with a misleading link. The scenario usually includes “problem with order”, “tax refund”, or “deadline expired”.
Vishing (voice phishing)
Vishing is the voice version of phishing. Instead of sending emails, scammers call you and pretend to be a bank, government agency, or technical support representative. They may tell you that someone is trying to access your account and convince you to “give them a password to block them.”
Phishing via social media or messaging apps
Pages or accounts on Facebook, Instagram, or even apps like Viber or WhatsApp may send you messages that appear to be genuine. They may include supposedly offers, contests, or prizes, or appear to come from someone you know who “urgently needs money.”
Fake Websites
Many phishing scams take you to pages that look like the real thing, but they’re not. They’re fake imitations, designed to trick you into entering your information. Often, the domain address and URL have slight differences, such as gov-gr.com instead of gov.gr, that aren’t easily visible at a glance, causing you to click on it without realizing it.
QR Phishing (quishing)
A more modern form of phishing is QR Phishing. Scammers use QR codes that, when scanned, take you to fake websites that look legitimate. These QR codes can be sent via email or even printed on flyers, posters, or public spaces. They look innocent but lead into dangerous territory.
Phishing through advertisements (malvertising)
In some cases, fake advertisements on websites lead you to phishing pages. Scammers even invest in paid campaigns to appear more “legitimate.”
What Information Are Scammers Looking For?
Phishing scammers don’t just send “suspicious” messages without a target. They target very specific data, with financial or personal value. The information they try to extract is usually:
- Usernames and passwords
- Bank account and credit card details
- Tax ID, identity, or social security numbers
- E-banking or email codes
- Identification data on government platforms (e.g., Taxisnet, gov.gr)
This type of data can be used to steal money, hack accounts, steal personal information, or even for blackmail or resale on the black market.
What Can You Do to Protect Yourself?
You don’t need to be an expert or have computer knowledge to protect yourself from phishing attacks. What is required is a little more suspicion in our daily lives, and if you are careful, you will be able to avoid these scams.
So, what can each of us do to feel more secure when using our email, reading messages, or visiting websites?
1. Don’t share personal information
Do not give your personal information to anyone, no matter how “official” they may seem. If someone asks you for your bank codes, card PIN, or Taxisnet login passwords via email or SMS, ignore them. No service requests such information in this manner.
2. Always use official websites
When you want to access any digital service, whether it concerns a government platform, a bank, online shopping, or anything else, type the address into the browser or open the service’s official application.
Do not click on links that come to you via email, SMS, or social media messages. Even if they look authentic, they may lead you to pages/imitations that are intended to extract personal information from you.
3. Check emails carefully
If you receive an email or message that contains a link, don’t click on it directly. Please hover your mouse over it (or hold it down on your phone) and scrutinize the address. If it appears unusual or suspicious, it’s likely a scam.
Additionally, look carefully at the sender’s address. Scammers use emails that look very similar to the official ones, but they’re not. A letter may have been changed, there may be a period above it, or the extension may be .info instead of .gr. These minor differences often hide big risks.
4. Call
If something seems suspicious or concerns you, do not respond to the email or message you received. Instead, contact the organization or service directly, using the official phone number or URL from the legitimate website.
Do You Suspect You’ve Been a Victim of Phishing?
If you suspect that you have provided personal information to the wrong person via email, message, or a fake website, or if you want to enhance your online protection, please contact us immediately.
Our team will help you understand exactly what happened, what the next steps are, and how you can mitigate the risk.
