A new scam is targeting Orange subscribers. Spotted by our colleagues at Zataz, the scam begins with the sending of a fraudulent email on a "large scale" to many of the operator's customers. The specialist blog indicates that the threat is "growing rapidly".
A fake "billing incident"
The fake email claims a "billing incident" that requires immediate action from the subscriber. The hackers have obviously copied the design of the incumbent operator's official communications to the letter. It is difficult to identify the deception, especially since some emails use an official Orange address. Cybercriminals can indeed spoof an address using dedicated tools, which will trick the Simple Mail Transfer Protocol, the origin of the email.
Furthermore, emails often contain a wealth of personal data, such as the target's first and last name. Hackers have simply taken this information, as well as the associated email address, from compromised databases. These directories are rife on the dark web at a time when France is overwhelmed by cyberattacks. This is why the scam is particularly dangerous.
The email claims that Orange has detected a suspicious debit attempt. To block this debit, the target must call the emergency customer service number provided in the email. Instead of reaching Orange support, the subscriber will directly contact a scammer in a fake call center. This trick helps lull victims' suspicions. By calling the number themselves, the target enjoys a false sense of "control and legitimacy". Scammers sometimes go so far as to provide a fake tracking number, which increases the scam's credibility.
Another PCS card scam
Over the phone, the hacker will confirm that Orange has blocked a fraud attempt. They will then ask the caller to authenticate themselves so that the operator can finalize the block of the direct debit. To do this, the subscriber must make a "security payment" by immediately going to a tobacconist.
In fact, the scammer guides the victim into purchasing a Transcash or Paysafecard PCS (Prepaid Cash Services) card. To activate this card, you must use an activation code. The hacker will request this code, which will give them access to the funds stored on the card. The money quickly disappears into foreign accounts. Obviously, the mention of a payment via a PCS coupon should definitely raise a red flag. This is a tactic widely used by cybercriminals, including scammers.
Source: Zataz
0 Comments