Cyber ​​Scams: Guide from the National Cyber ​​Security Authority – What to do if you receive a misleading SMS


Smishing (also known as SMS phishing) is a form of attempted online fraud that is carried out via short text messages (SMS) via a mobile phone.

The instructions for the enhancing security and the privacy of citizens, the National Cyber ​​Security Authority reminds, on the occasion of the ever-increasing incidents of sending misleading smishing messages (SMS phishing).

As mentioned, Smishing (also known as SMS phishing) is a form of phishing attempted wire fraud which takes place via short text messages (SMS) via a mobile phone.

A smishing attack goes like this:

  • The victim receives an SMS message in which the sender impersonates a trusted entity, organization or person.
  • The SMS is short, and contains a link.
  • By clicking, the unsuspecting user downloads malware to their device or is redirected to a malicious website where they are asked to provide their data, such as sensitive private information, passwords, identity or passport details, bank account, bank card and more .

Smishing incidents are dealt with on a global scale. They have been mentioned especially for the Greek territory malicious messages which appear to be related to a document issued by the Unified Digital Portal (, or to have content of fiscal interest (such as a tax refund), or to come from banking institutions, or even from parcel tracking/delivery companies.

In this context, the National Cybersecurity Authority invites citizens to manage SMS with care and patience and more generally the messages they receive even if at first glance they seem true. In particular, the following prevention and protection measures are recommended:

  • You should not click on any link included in the message.
  • You should not respond and react hastily to such messages even if they are presented as urgent. Spend some time searching the internet to investigate the authenticity of the message. If possible contact the alleged sender to confirm their authenticity.
  • Do not give personal information such as passwords, card numbers/PINs, username, etc.
  • In any case, access to the respective operator must not be carried out through links from any SMS message or email you received. It should be done through the official website of the institution, organization or bank (or through the official mobile application).
  • Keep your device and apps up to date.

You May Also Like

Recommended for you

Immediate Peak