Card and payment scams in Greece — and how to avoid them
DCC (“charge in your currency”)
an ATM or terminal offers to bill you in your home currency at a padded rate. Always choose euro. Highest frequency, easiest to avoid.
Euronet / airport ATMs
high access fees and poor conversion. Use a Greek-bank ATM (Alpha, Eurobank, NBG, Piraeus) instead.
ATM skimming
a hidden reader and tiny camera capture your card and PIN. Defence: prefer ATMs inside or attached to bank branches; cover the keypad as you type; check for loose or odd-looking parts; avoid isolated, late-night machines.
IRIS / “pay me first” fraud
someone asks you to send an IRIS payment for goods that never arrive, or shows a fake merchant QR. Because IRIS has no chargeback, the money is gone. Defence: treat IRIS like cash — only send to trusted parties, and check the merchant’s QR is the genuine one, not a sticker placed over it.
Phishing — fake bank SMS, email or app
a message posing as your bank asks for codes, an OTP, or your login. Defence: banks never ask for full codes or passwords. Don’t click links in messages — open your banking app directly by typing the address or using the installed app.
Public Wi-Fi for banking
open networks at cafés, airports or near ATMs can be used to intercept activity. Defence: use mobile data or a trusted network for any banking or payment.
The mindset that protects you
the rip-offs split into two kinds — silent overpaying (DCC, bad ATMs), which you beat by choosing euro and the right ATM; and outright fraud (skimming, phishing, IRIS scams), which you beat by guarding your PIN, your codes, and never treating an irreversible payment casually. None of these defences cost anything.
Related
DCC — always “charge in euro” · ATM fees in Greece · IRIS instant payments · protecting your tax number and identity
This is general information, not security or financial advice. Threats evolve — if you suspect fraud, contact your bank immediately. WTP Finance is informational only.