Online anti-fraud instructions

For your security, when you want to connect to Optima bank's e-banking system, it is necessary to connect exclusively through the link on our official bank page: www.optimabank.gr  

• the recipient's account or card has been locked or deactivated
• “suspicious activity has been observed” on the recipient's account or card

What do they accomplish with the use of such methods?
Their aim is to extract personal information, e-banking credentials, one-time passwords (OTP) and card details.

They usually use phrases denoting a sense of urgency; they further use the pretext that the recipient's card or account has been locked or temporarily deactivated, thus urging the recipient to visit a website or download a file and follow "instructions".

Some information that could help you recognize a potential e-mail scam:

• Tone and manner
  Most fraudsters demand from the recipient to act immediately.
  
  
• Confidentiality
  Some of them imply that the actions they ask you to take are part of a confidential program that should not be discussed with co-workers or senior staff.

• Money transfer request or disclosure of sensitive information
  Any such request should be verified through multiple sources.
  
  
• Unusual requests
  Α request for an immediate money transfer, usually to a supplier, but with a different number than the one previously used.

How to protect yourself:

Training and raising awareness of your company staff regarding the security and protection of computers with e-mail, anti-malware and anti-spam software.

If an e-mail is received from an unknown sender or something looks suspicious, verify the request by phone call using the contact details you already have and which have been verified.

Under the pretext that there is some fault in the recipient's computer software, they request remote access to the computer. They thus manage to extract credentials and transfer money from the holder's account.

The included link leads to some fake webpage and the telephone number calls the fraudster who pretends to be the legal company's representative.

In both cases, fraudsters urge the recipients to immediately follow the instructions in the link sent to them in order to solve their problem.

In this case, when a cardholder removes the card at the end of the transaction, the skimmer records information such as credit/debit card numbers and PINs and stores them. Other similar devices copy the keypads of the ATM card readers and allow criminals to record your PIN.

How to avoid skimming?

• check the area around the ATM for any suspicious movement before the transaction
• make sure that there is no added part to the front of the ATM that looks out of place
• if during your transaction at some ATM you spot some suspicious object, the card reader seems to have been hacked (crooked or damaged, graphics aren’t aligned, or part of the machine is a different color), or if you face any problem, avoid using the specific ATM and notify the bank immediately.

By activating the new card, the legal holder's card is deactivated and fraudsters can access calls and messages and thus intercept personal information, one-time passwords (OTP) and e-banking credentials.

Learn more here link.

After the amount is credited to your account, they usually ask that you give it to them in cash, by withdrawing it from some ATM or transferring it electronically to a third person.

Avoid acting as an intermediary in moving money from other people since in this way you may be involved in criminal activities whether you are aware of it or not.

Then they may ask for money, claiming it’s to cover file/loan expenses, or lead you to open an e-banking account and then request your password. If you comply, there's a high likelihood they will transfer money from your account to theirs. For this reason, if you are interested in obtaining a loan you should contact one of our branches. For any other information it is important to visit only our bank’s official website, at www.optimabank.gr.

What can you do as a business?

• make sure that your staff is briefed on this particular fraud type
• implement a procedure to verify the legitimacy of payment requests
• instruct staff responsible for paying invoices to always check them for any irregularities.

What can you do as an employee?

• verify all requests coming from the company's suppliers, especially if they ask you to change their bank details for future invoices
• if you are requested to change your payment details, use those from previous correspondence instead and notify them of the change.

In this case of fraud, when you attempt to connect your device to an available public Wi-Fi network you will be asked to provide your credit/debit card data so that you can gain access to the internet. This is a malicious hotspot and in reality, by providing this data you are giving it straight to cybercriminals.

Similarly, in other cases public Wi-Fi may offer you free access to the internet but through it, cybercriminals can track your every move, record passwords and PINs you enter to log in, and can see your bank account when you check it.

When you plan to connect to a public Wi-Fi network you should be careful.

How to protect yourself?

• avoid networks with names such as “Free public Wi-Fi”
• if you do connect to a public network avoid logging into your e-banking account and the exchange of sensitive information.

The ad owner receives a call from an alleged interested party who then asks for the owner's personal e-banking credentials or card numbers to complete the transaction. Then the fraudster intercepts the relevant details and gains access to the holder's bank account or cards in order to make transactions.