Types of Phishing:

• Vishing calls

  Beware of calls misusing the Bank’s name through Social Media Applications (What’s App, Viber, IMO, etc).

  How this type of fraud works:

  Fraudsters pretend to be from the Bank of Cyprus, the Police or other Legit Organisations asking you to provide personal and bank accounts, including card details, 1bank passcodes, one-time passcodes (OTPs) and verification codes (VCs).

  Callers are pushy, asking you to act swiftly and threaten that if you don’t hand over the details they asked for, they will “block” your Cards and / or your accounts.

  How to spot a Vishing call:  

  • Pressure to act swiftly. Fraudsters often create urgency, claiming your account has been compromised or you need to take immediate action to avoid penalties.
  • Unfamiliar country codes. Be cautious of calls from country codes you don’t recognize.
  • Receiving repeated calls from the same unknown number in short period.
  • Fraudsters address you vaguely, such as “Dear Customer” or “Account Holder” instead using your name.
  • Fraudsters may lack specific information about your account or get details wrong. Legitimate representatives have access to your verified account information.

  How to stay safe:

  • If you receive an unexpected call and you’re not sure it’s from us, end the call immediately.
  • The Bank will never contact you through any Social Media Platforms such as WhatsApp, Viber, IMO etc. Only Fraudsters will. 
  • The Bank will never request details such as 1bank credentials & passwords, Bank account details, Card details, One- time passcodes or Verification Codes.
  • Never reply or call back.
  • Always thoroughly review your Bank’s messages, push notifications and Alerts, before you authorise any online transaction.
  • Keep your online banking credentials confidential.

  Where to get help:

  • If you think you’ve been scammed, then call us immediately on 80000800 or +35722128000 if calling from abroad.
  • If you have provided your Card details, then you can alternatively call at 22868100.
• Smishing (Text Messages)

  How this type of fraud works:

  Fraudsters send fake text SMS messages pretending to be your bank, or another legitimate organisation. Their aim is to make you reply, click on a link or call back, and provide your personal and financial details so they can steal money from your accounts and cards. Beware of SMSs pretending to be from the Bank through Social Media Applications (What’s App, Viber,etc).

  How to spot a Smishing:  

  Typically, these messages:

  • encourage you to take urgent action by clicking on a link or making a call back.
  • ask you to verify your Digipass, transactions, devices etc.
  • look and sound like genuine messages but with new wording added.
  • May look similar to real messages and sometimes they may even show up in the same thread as genuine messages, you’ve received from an organisation.

  • Will be followed by a phone call from the fraudsters purporting to be the Bank where they will appear pushy and convincing.
  • Include grammatical error, spelling mistakes or awkward phrasing – these are common signs of fraud.
  • Include offers or unexpected prizes. Ask yourself: Did I even participate in a contest?

  The Bank of Cyprus will NEVER send you any SMS text message containing a link. The Bank and other genuine organisations will never ask for your 1bank password, card details, PIN, One Time Passwords (OTP) or Verification Codes (VCs).

  Stay vigilant at all times and make sure you thoroughly read the full content of your OTPs, VCs and Alerts sent from your Bank, before you authorise any action and financial transaction.   

  How to stay safe:

  • Never share your Online Banking credentials.
  • Never click on any link(s).
  • Never download any attachments. 
  • Never reply or call back.
  • Contact us to verify or report the message.
  • Never enter your personal information, credit card credentials or passwords on suspicious websites.
  • Never respond to SMS messages from numbers you don’t recognize and appear suspicious.
  • Never believe messages that create urgency, such as threating account suspension or claiming you have won a price.
  • Keep your mobile device secure. Use antivirus software to detect and block malicious links for Applications.
  • Enable spam filters. Activate your phones spam filter to block suspicious messages.
  • Keep software updated. Update your device operating system and Applications to protect against known vulnerabilities.

  Where to get help:

  If the message claims to be from the Bank of Cyprus and you're not 100% sure it's genuine, then call  us on 80000800 or +35722128000 if calling from abroad, where you may be asked to screenshot the message and send the image to the Bank.  Alternatively you can report any suspicious texts or messages to us at info@bankofcyprus.com and abuse@bankofcyprus.com

• Phishing over e-mail

  A very common form of fraud today is Phishing over emails.  This type of Fraud relates to the receipt of an email which looks like it’s from a legitimate authority or organisation.

  How it works:

  Typically, they’ll send you an email and:  

  • encourage you to click on a website link.
  • urge you to take action quickly and threaten to “block your access to your online accounts”, “block an incoming payment” “close your account” “block or cancel your cards” if you don’t respond.
  • pretend that you’re owed or won money.
  • ask you to share confidential information, such as your online banking details, passwords, account numbers, OTPs, VC, Card details and PINs.
  • include instructions on how to reply or verify your account – like completing a form attached to the email.
  • Include spoofed Branding in e-mails. Look closely for inconsistencies in fonts, colours, or logos in the message.

  How to stay safe:

  If you receive a suspicious email:

  • don't share your online banking credentials.
  • don’t click on any links.
  • don’t open any attachments.
  • don’t reply.
  • Never grant access of your device to any third party or share screen unless you're absolutely certain of the source’s trustworthiness.
  • If you're not sure, contact the organisation using a phone number you know is genuine, or visit their website.
  • Keep your mobile device secure. Use antivirus software to detect and block malicious links for Applications.
  • Enable spam filters. Activate your phone's spam filter to block suspicious messages.
  • Keep software updated. Update your device operating system and Applications to protect against known vulnerabilities.

  Where to get help:

  If you've received an email that appears to be from the Bank of Cyprus and you think it might be a scam then forward it to us at info@bankofcyprus.com and abuse@bankofcyprus.com

• Quishing (QR Code)

  How this type of fraud works:

  In this type of fraud, a criminal uses QR codes as the delivery mechanisms to lure the victim into providing sensitive information such as financial and personal data or downloading malicious content.

  How it works:

  • The fraudster creates malicious QR codes and distributes them through e-mails, posters, flyers or other physical and digital media.
  • You scan the QR code with your smartphone or device, believing that it will lead you to a legitimate website.
  • The QR code redirects you to a malicious website that looks legitimate but is designed to steal sensitive data like login credentials, banking information or payment details.
  • In some cases, scanning the QR code may initiate the download of malware or ransomware onto your device.
  • The fraudster may use this QR code to perform unauthorized actions, such as initiating payments, accessing your accounts or stealing your data.

  How to stay safe:

  • Do not scan QR codes from untrusted sources.
  • Use trusted QR code scanner app that allows you to preview the URL before opening it.

  Where to get help

  If you've come across this type of fraud that appears to be from the Bank of Cyprus then forward it to us at info@bankofcyprus.com and abuse@bankofcyprus.com