Damien Bancal, journalist at ZATAZ, discovered a massive phishing campaign that uses the names and sites of the biggest French groups. If the pirate started, it seems by imitating the Health Insurance platform by making believe that his victim’s vital card expired, he seems to have extended his activity to other companies such as the Caisse d ‘Epargne, FNAC and even Netflix.
This is certainly one of the biggest cyberattacks targeting French Internet users in recent years. For several days, many of them have received an SMS from Health Insurance, telling them that their vital card is about to expire and inviting them to go to the organization’s website to renew it. Obviously, as the urgency of the message shows, it is a scam.
She’s not even the first to use this spring. On the other hand, what differentiates this phishing campaign from the others is certainly the “quality” of the imitation of the site. Indeed, by clicking on the link integrated in the SMS, the victim is redirected without realizing it to another website, displaying the URL amelicards-vitale.com. The latter looks like two drops to that of Health Insurance and the trap can therefore go completely unnoticed.
Beware of these phishing emails and messages that pretend to be big companies
No spelling mistakes or misplaced logos to report. In reality, to spot the scam, you have to dig a little deeper. Thus, as Damien Bancal, the journalist behind this discovery, shows, all you have to do is copy and paste the text into word processing software to realize the deception. By doing this, we indeed discover that the letters L of the message have been replaced by capital Is, which are displayed as Ls on smartphones.
On the same subject — Health insurance: the Ameli site has been hacked, the data of 510,000 French people are on the run
An ingenious method that bypasses classic cybersecurity tools. A total of 16 malicious URLs were created by the hacker for this campaign. Worse still, it has since extended its network by imitating the sites of other French groups, such as Banque Populaire, Caisse d’Epargne, FNAC and even Netflix. As always, be very careful with SMS containing a suspicious link.