🎣Phishing Scam and Identity Theft

What is Phishing Scam?

Phishing is a form of online fraud in which criminals try to trick you into sharing personal, banking, or other sensitive information by posing as legitimate organizations – such as banks, courier companies, online stores, and others.
It is most often carried out through emails, messages, or phone calls, with scammers using fake websites and messages that look convincing.

The goal is to obtain:

• Usernames and passwords

• Bank card details

• Personal data such as ID numbers, addresses, and other sensitive information
  
  

Forms of phishing scams:

• Email phishing – an email allegedly from a bank or institution with a link to a fake website asking for your details.

• SMS phishing (smishing) – a text message about a “delivery problem,” “blocked card,” or another “urgent” situation.

• Fake websites – clones of legitimate sites where you unknowingly enter your details.

• Phone calls (vishing) – criminals pose as bank or institutional employees and request personal information.
  
  

Key indicators:

• Messages with spelling or grammar mistakes

• Emails or texts from unfamiliar addresses or phone numbers

• Links to unknown or suspicious domains (e.g., bank-login-security.com instead of bank.bg)

• Urgent requests – “Your card will be blocked,” “Your package will be returned”
  
  

Consequences:

• Theft of personal data – used for other scams

• Bank card theft – if you share your card details

• Access to online accounts – banking, social media, email

• Unauthorized transfers or purchases in your name
  
  

How to protect yourself?

• Do not click on links from suspicious emails or messages

• Check the website address before entering personal information – use only official domains

• Do not share personal or banking information over the phone or in messages

• If in doubt – contact the bank or company through official channels

• Use two-factor authentication for online accounts

• Keep your antivirus software up to date
  
  

What to do if you have already become a victim?

1. Stop all communication with the scammer

2. Change passwords for email, banking, and important accounts

3. Block bank cards or online banking if you shared details

4. Notify your bank about the scam immediately

   • Request blocking of cards or account access

   • Change internet banking passwords

   • Ask about the possibility of stopping a transfer if it has already been made

5. Report to the relevant authorities
   
   

Whom to contact:

• Cybersecurity Unit – Ministry of Interior (MIA) – cybercrime.bg

• Commission for Personal Data Protection (CPDP) – cpdp.bg
  
  

Useful links:

• Cybersecurity – MIA – Report a scam

• CPDP – Personal data protection

• Phishing scams – European Union

• Bulgarian National Bank – Online banking security tips