The tone is alarmist. A post shared more than 107,000 times on Facebook since October 3 warns of a scam targeting Crédit Agricole account holders. The process is explained as follows: the victim is contacted by telephone by a person presenting himself as his bank adviser. This person assures that she “will not ask for any number”.
It says call to update a “securicode”. And for proof of his good faith gives information such as “the account number, the exact balance of my three accounts”, specifies the publication. A new security code is sent by SMS. “I tell myself that it stinks, comments the Internet user. If you enter this code, it adds a new beneficiary and empties your accounts! “Attention, alerts the post, “the trick is really very well done”.
A banking expert contacted by 20 minutes, confirms the process which “focuses on Crédit Agricole” in this post, but turns out to be “a classic phishing scenario which impacts customers of all banks”. Thus, the fraudster has collected, upstream, a certain amount of information to put his victim in confidence and give credibility to his speech, he explains.
If the generalization of strong authentication has allowed the fall in the rate of fraud in payments on the Internet (- 20%), the threats are evolving, notes the latest report from the Payment Means Security Observatory. Fraud techniques by “manipulating” customers and by identity theft campaigns have developed in parallel and are increasingly sophisticated.
An increase in the number of reports
The number of reports of fraud, with identity theft of the type calling false bank advisers, has thus “increased very sharply in recent months”, confirms the Prudential Control and Resolution Authority (ACPR). Other scenarios apply: the fraudster may claim to have to urgently block or cancel a bank card or transfer fraud on the account, the site Insurance, banking, savings info servicea common platform set up by the ACPR, the Banque de France and the Autorité des marchés financiers (AMF).
These calls are actually intended to circumvent new payment security features. Frequently, the site also specifies, scammers use technology that allows them to reveal the phone number of the spoofed bank and hide their real number.
Information recovered by phishing or malware
Initially, information was usually retrieved by phishing, i.e. an email was sent asking to “update” or “confirm [ses] information following a technical incident”, in particular bank details, or by “stealer” type malware, software that steals user data stored in the browser.
Once this information has been obtained, the fraudster then calls the customer with the aim of validating transactions protected by reinforced authentication measures. “In the case presented, it is obviously the addition of an external account number, which assumes that the fraudster already has access to the customer’s online bank”, underlines the banking expert.
Never communicate your data by e-mail or telephone
The fraudster asks the victim to add an account, an action which will trigger the sending of a temporary security code by SMS, and which he tries to recover to finalize the addition of external accounts and make transfers in his favor .
Crédit Agricole indicates that it mobilizes human and financial resources to fight against cybercrime and recalls that it never asks to communicate data by e-mail or telephone. The bank’s website also lists examples of attempted fraud and explains the good practices to be implemented. The Payment Means Security Observatory also lists precautionary advice in case of suspicious activities.