Warning. National Bank of Greece scam

For discussion, news, comments, questions and information about Crete & Greece.
ipmcrete
Posts: 140
Joined: Mon Aug 03, 2009 6:30 am

Warning. National Bank of Greece scam

Postby ipmcrete » Mon Mar 07, 2011 9:45 pm

Has anyone else had an email that reads as follows?

We recently have determined that different computers have logged onto your Online Banking account, and multiple password failures were present before the logons. We now need you to re-confirm your account information to us.

If this is not completed by March 08, 2011, we will be forced to suspend your account indefinitely, as it may have been used for fraudulent purposes. We thank you for your cooperation in this manner.


To confirm your Online Banking records click on the following link:
www.nbg.gr/wps/portal/LoginPageMap?loginPage=true" target="_blank">http://98.212.79.225/info-server-nbg2.html?www.nbg.gr/wps/portal/LoginPageMap?loginPage=true



Thank you for your patience in this matter.

National Bank of Greece Customer Service

Please do not reply to this e-mail as this is only a notification. Mail sent to this address cannot be answered.



2011 National Bank of Greece, Inc. All Rights Reserved.

Click the link, and it DOES look exactly like the National bank Logo etc. They then ask for your card number AND your PIN.

Someone is about to empty your account.
Beware

Jean
Posts: 905
Joined: Sun Feb 11, 2007 7:39 pm
Location: West Crete
Contact:

Postby Jean » Mon Mar 07, 2011 10:32 pm

I've been receiving those for 3 years now but they have become more frequent. As a rule just ignore ANYTHING that asks you for your login data and you'll be OK.

paulh
Posts: 2435
Joined: Sun Feb 11, 2007 7:13 pm
Location: Akrotiri

Postby paulh » Mon Mar 07, 2011 10:55 pm

the style/format of the letter has been around certainly since 2006

9 times out of 10 it is sent on a national holiday when banks are shut so you cannot check so easily and says it must be done that day

in this case it is hosted on a virtual server in Illinois, the server comprising 7 or 8 files uploaded 5am on the 7th (today) BUT links on those phony html screens link back to the NBG's real pages in Greece to make it appear legitimate

if you are interested Jean take a look here

http://c-98-212-79-225.hsd1.il.comcast.net/

nothing dangerous on it but most certainly not the servers of a large bank yet it shows the phony NBG screens asking for account number and ATM pin

actually you can follow the IP from the above back to another virtual server elsewhere in the States with phony Pay-Pal screens asking for email and password (dated March 2009). When going to these sites Mozilla comes up and warns you that this is a known Phishing site and dangerous etc etc. (not dangerous to look at but dangerous to take on face value)

Jean
Posts: 905
Joined: Sun Feb 11, 2007 7:39 pm
Location: West Crete
Contact:

Postby Jean » Mon Mar 07, 2011 11:43 pm

Yes, nice. I might start sending my own soon.

paulh
Posts: 2435
Joined: Sun Feb 11, 2007 7:13 pm
Location: Akrotiri

Postby paulh » Wed Mar 09, 2011 4:07 pm

Just seen some friends who say that Admin at BiC have deleted the link in ipmcrete's original as it might be dangerous

well ....it's not and never was.

the link as originally posted if clicked on goes straight to the correct Bank of Greece sites

if you edit the link yes you can try go to the scam page but you are not going to edit it accidentally are you?

before you get to the scam page Firefox will put up 2 warnings blocking the site as a phishing scam and you have to deliberately say "I know the risks give me the page" twice before you get to it.

When you get there it is just a form (no viruses or the like and anyway your antivirus program would be alerted if it did contain a virus which would ruin the intent because as of yet you haven't filled in your NBG account number and ATM key)

You would then have to input your Bank of Greece account number and pin despite having been told that the bank would never ask for your passwords or pin numbers.

and you still wouldn't be at risk.........until you hit the "send" and even then you wouldn't have been at risk after 2am on the 8th because the location the data went to was closed down then and it wouldn't have anywhere to go...how do I know?....I put in a made up account no and a made up pin no. My logon at the time was via an anonymous IP proxy based in the States and as I don't use the NBG so no risk there either

Not that I suggest anyone follows my actions themselves but hey I was curious and I did know more or less what I was doing or that I was adequately protected.

So it was dangerous if you did all of the following......

1) if you didn't recognise it as a scam straight off
2) if you edited the link accurately to try go to the dodgy site and disregarded the correct Bank site a click on the link actually took you to
3)if you ignored 2 phishing scam site reports and twice deliberately chose to continue
4)if you ignored the Bank's own FAQ saying the Bank would never ask passwords or PINs
5)if you happen to actually have a NBG account
6) if you entered the data correctly
7)if you tried send it before 2am on Tuesday morning

Heck, water is dangerous in less steps than that!


PS is BiC still advertising Jobs for 2010 as one of it's sections?

Kilkis
Posts: 8910
Joined: Sat Apr 21, 2007 3:58 pm
Location: Near Chania

Postby Kilkis » Wed Mar 09, 2011 5:33 pm

While I agree with everything you say about this particular phishing scam email, as a general rule I personally would not click on a link in such an email. The linked site may contain other threats than the obvious attempt to obtain private information and no protection system is completely foolproof. The more you use human intelligence to obviate threats the less you rely on the software versions.

Warwick

paulh
Posts: 2435
Joined: Sun Feb 11, 2007 7:13 pm
Location: Akrotiri

Postby paulh » Wed Mar 09, 2011 6:18 pm

No I don't (and haven't) advocate(d) clicking on the link without adequate knowledge and or investigation of it first either.

But just pointing at something unknown and saying it is dangerous doesn't make it dangerous

Point at a tap in a bathroom and pronounce that dangerous and remove it because 6 actions down the line could result in someone drowning. That is obviously stupid and misguided to you because you know about taps

Admin there on BiC obviously doesn't know what he is talking about in terms of that link but pronounced to all and sundry it was dangerous and removed it. Sphericals!

Because of his stupid, unknowing fears and subsequent shillbut I get asked by others why I left it in as though I had left something dangerous in on our pages

This hopefully puts it into perspective

ipmcrete
Posts: 140
Joined: Mon Aug 03, 2009 6:30 am

Me and my big mouth

Postby ipmcrete » Wed Mar 09, 2011 10:02 pm

Can opened, worms everywhere. Great responses on this forum. Thanks Paul and Warwick. I will try to avoid being banned by BIC, but I know that is not always possible. Loved the final bit about best intentions!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Been going there for 6 years now. I may ban myself and join the adults here. If that's ok with you guys.
Mike


Return to “General Discussion & News”

Who is online

Users browsing this forum: Bing [Bot] and 11 guests