A news from the protothema piqued our interest. Below is the post. We have removed a name and a company that we consider to be advertising.
Let's see the post and our objections:
Unprecedented phishing attack - The data of bank customers who are unknowingly stolen are posted on another platform
A massive attack on Eurobank web-banking customer data is underway in the last few hours. The data, in fact, are published immediately by another platform!
The bank's customers, after "entering" the electronic transaction system, are "led" to another page, where their details are recorded and stolen: Both their personal data and their codes in the electronic banking.
The experts of the First Issue tell us in a few words, initially that phishing attacks are unprecedented. They then report that some people managed to extract phishing personal data and passwords, which they published on the Telegram platform. Somewhat pale, since those who carry out e-banking hacks do it to make money and not to share it with the whole world.
The phishing attack, as it has become known internationally, is not perceived by users, but the stolen data is made public on the Telegram platform. Hackers who have "broken" Eurobank security systems automatically have the data of customers who have made transactions in the last few hours, which allows them to access their accounts.
As Special Specialist - Information Systems Security Consultant at Edikoi Internet - told us, the method used for the cyber attack is "phishing attack". This method puts the user and not the bank, for this reason users must be very careful, which pages they browse the internet (until recently the internet was written). Other banks in Greece have been hit in a similar way in recent months.
So far there is no reaction from the bank, nor information to its customers about the possible consequences of the attack on its systems.
Let's talk about bold this method puts the user and not the bank. Of course the method puts the user, but the goal is the bank and its content. The target could also be any online account of the user who uses the same password without 2FA.
Of course, after a while, the columnist "talks" about the possible consequences of the attack on the bank's systems.
We are waiting for an announcement from Eurobank to see if the event has reached such a large scale as reported by the protothema.
Protothema updated the post with the bank reply and an image showing the phishing page
What Eurobank says
Following the announcement of the attack, the bank issued the following statement:
Eurobank informs that its systems and especially ebanking and mbanking are safe and have not been attacked by hackers or other malicious users.
It also draws the attention of its customers not to open emails from unknown sources and to be very careful which pages they browse the internet, as there is a risk of becoming victims of data theft through the process of "fishing" for user data.
The Bank has never asked, does not ask and will never ask for customer information in this way.
It is characteristic that web banking users were led to a page - "copy" of the actual website of the Bank, as shown in the photo: