A news from the protothema piqued our interest. Below is the post. We have removed one name and a company that we consider to be advertising.
Let's see the post and our objections:
Unprecedented attack of interception of electronic banking data, "phishing attack" - Ta data of the bank's customers who are intercepted without their knowledge are posted on another platform
A massive attack on Eurobank web-banking customer data is underway in the last few hours. The data, in fact, are published immediately by another platform!The bank's customers, after "entering" the electronic transaction system, are "led" to another page, where their details are recorded and stolen: Both their personal data and their codes in the electronic banking.
First Topic experts tell us in a nutshell, firstly that phishing attacks are unprecedented. Then they report that some managed to extract personal data by phishing and codeof access, which they published on the Telegram platform. Somewhat pale, since those who carry out e-banking hacks do it to get money and not to share it with the whole world.
The phishing attack, as it has become known internationally, is not perceived by users, but the stolen data is made public on the Telegram platform. Hackers who have "broken" Eurobank security systems automatically have the data of customers who have made transactions in the last few hours, which allows them to access their accounts.
As Special Specialist - Information Systems Security Consultant at Edikoi Internet - told us, the method used for the cyber attack is "phishing attack". This method puts the user and not the bank, for this reason users must be very careful, which pages they browse on the internet (until recently it was written internet). In a similar way, other banks in Greece have been hit in recent months.
So far there is no reaction from the bank, nor information to its customers about the possible consequences of the attack on its systems.
Let's talk about bold this method puts the user and not the bank. Of course the method puts the user, but the goal is the bank and its content. The target could also be any online account of the user who uses the same password without 2FA.
Of course, after a while, the columnist "talks" about the possible consequences of the attack on the bank's systems.
The word itself is an equivalent of the word fishing which means "fishing" as the same logic of "bait-catch" is used.
The Ph in the word, is a reference to “phreaks", a team hackers who experimented and illegally investigated the limits of telecommunications systems in the 1990s.
Phishing attacks are an act of deception of internet users, in which the "perpetrator" impersonates a trusted page, abusing the ignorance of the victim-user, in order to obtain personal data and passwords.
We are waiting for an announcement from Eurobank to see if the event has reached such a large scale as reported by the protothema.
Update
Protothema updated the post with the bank reply and an image showing the phishing page
What Eurobank says
Following the announcement of the attack, the bank issued the following statement:
Eurobank informs that its systems and especially ebanking and mbanking are safe and have not been attacked by hackers or other malicious users.
It also draws the attention of its customers not to open emails from unknown sources and to be very careful which pages they browse the internet, as there is a risk of becoming victims of data theft through the process of "fishing" for user data.
The Bank has never asked, does not ask and will never ask for customer information in this way.
It is characteristic that web banking users were led to a page - "copy" of the actual website of the Bank, as shown in the photo: