A novel phishing campaign is underway, targeting Greeks with phishing sites that mimic the state’s official tax refund platform and steal credentials as they type them.
The campaign aims to trick victims into entering their banking credentials on the sites, allegedly to confirm themselves and give authorization for a tax refund.
However, everything the user’s type on these sites, even if they never click on submit to complete the login process, is sent directly to the malicious actors.
The campaign was discovered by researchers at cyber-intelligence firm Cyble, who shared their findings exclusively with BleepingComputer.
In the fake portal, the visitors are requested to select their bank institute, with the phishing actors offering seven options, including several major Greek banks.