A news item from protothema piqued our interest. Below is the post. We have removed one name and one company which we consider to be advertising.
Let's see the post and our objections:
Unprecedented phishing attack - The data of bank customers who are unknowingly stolen are posted on another platform
Massive hacking attack of Eurobank's web-banking customers is on development the last few hours. In fact, the information is made public directly from another platform!The bank's customers, after "entering" the electronic transaction system, are "led" to another page, where their details are recorded and stolen: Both their personal data and their codes in the electronic banking.
First Topic experts tell us in a nutshell, firstly that phishing attacks are unprecedented. They then report that some managed to phish personal data and passwords, which they made public on the platform Telegram. Somewhat pale, since those who carry out e-banking hacks do it to get money, not to share it with the whole world.
The phishing attack, as it has become known internationally, is not perceived by users, but the stolen data is made public on the Telegram platform. Hackers who have "broken" Eurobank security systems automatically have the data of customers who have made transactions in the last few hours, which allows them to access their accounts.
As Special Specialist - Information Systems Security Consultant at Edikoi Internet - told us, the method used for the cyber attack is "phishing attack". This method puts the user and not the bank, for this reason users must be very careful, which pages they browse on the internet (until recently it was written internet). In a similar way, other banks in Greece have been hit in recent months.
So far there is no reaction from the bank, nor information to its customers about the possible consequences of the attack on its systems.
Let's talk about bold this method puts the user and not the bank. Of course the method throws the user, but the target is the bank and its contents. The target could also be any online account of the user who uses the same password without 2FA.
Of course, after a while, the columnist "talks" about the possible consequences of the attack on the bank's systems.
The word itself is an equivalent of the word fishing which means "fishing" as the same logic of "bait-catch" is used.
The Ph in the word, is a reference to “phreaks, A group of hackers who experimented and illegally investigated the limits of telecommunications systems in the 1990s.
Phishing attacks are an act of deception of internet users, in which the "perpetrator" impersonates a trusted page, abusing the ignorance of the victim-user, in order to obtain personal data and passwords.
We are waiting for an announcement from Eurobank to see if the event has reached such a large scale as reported by the protothema.
Update
Protothema updated the post with the bank reply and an image showing the phishing page
What Eurobank says
Following the announcement of the attack, the bank issued the following statement:
Eurobank informs that its systems and especially ebanking and mbanking are safe and have not been attacked by hackers or other malicious users.
She also warned her customers not to open emails from unknown sources and to be especially careful which pages they browse on the internet, as there is a risk of becoming victims of information interception through the process of "phishing" user information.
The Bank has never asked, does not ask and will never ask for customer information in this way.
It is characteristic that web banking users were led to a page - "copy" of the actual website of the Bank, as shown in the photo:
