Hey world! It's been a minute...
Today I received a couple phishing e-mails, like the one in the screenshot below (not that this is a first) and I decided to do something about it.
So.. I tried to find the report button on my email account. I couldn't! I could only mark the email as spam, but I could not report it.
Then I tried to inform the relevant bank and I was surprised to realize that the don't have a system for that... They only provide self-protection instructions.
So, I decided to escalate this... As the sender's domain was from inside EU (one of them was Germany actually) I decided to go and report it to the appropriate German authority. I ended up in the Cybercrime page of BNK which also seems to only provide information and not have a report form (or email)...
To be honest, I found this sketchy site which seems to ask you to report spam email from Germany to them, but at best FSM seems as a volunteer organization and at worse it's a fraud itself.
Going forward, I check the EU aspect of this, but my search drove me to OLAF which is something like EU's internal affairs.... anyway, they ask you to visit Europol's site on the mater (also the bank had this link as well).
So.. I went there.
Guess what!! Europol just instructs you to contact your local authorities!!!
And we already know by now what is going on in Germany, is there any chance it's better in Greece ??
Well.. you guessed that right: Of course there is no way other than actually calling the police. And of course I will not spend the phone operator's and the duty officers' valuable time for a phishing email of which I'm not a victim... There should be a separate second line service for that...
In the end I quit, I just reported the domains to Google and Microsoft, to make sure the domain's existence will be blocked from practically any browser but that's not the way. It is not the responsibility of corporations to protect the public... It's the responsibility of the states.
Why is it so difficult for EU to have a centralized service to protect the public proactively by shutting down those sites? Or at least for each country to have one ?
Just by searching "Report Phishing" in Google I can easily find:
1) USA's CISA
2) Google's safebrowsing page
3) UK's report-a-scam NCSC
4) Microoft's support page
So, it seems to be easy for US (a big federal country - comparable to what EU wants to be) and UK (a medium sized country, not bigger or richer than Germany).
Pretty sure that if I managed to search in different languages I would find options to report spam in countries even smaller than Greece actually.... But why is it so difficult for EU countries ?
#phishing, #report, #EU, #Greece, #Germany