Attention to all motorists: scammers are currently trying to empty your bank account via a formidable new scam. Subscribers to the Ulys electronic toll service are particularly targeted, but anyone can actually be affected.
Motorists remain a prime target for scammers of all stripes. In recent years, they have not lacked ingenuity in trying to trap drivers. We are thinking, for example, of the famous scam involving fake QR Codes on windshields and parking meters... Or even this dubious method used by certain breakdown services to intervene in claims instead of the companies mandated by your insurance.
Telepeage subscribers, beware of this new scam
This time, telepeage Hackers have decided to target subscribers to the Ulys electronic toll collection service. As the company explains on its website, the brand is currently being hijacked as part of a large-scale phishing campaign: “You may receive fraudulent emails imitating Ulys or Vinci Autoroutes emails (color, logo, etc.). The hackers behind these emails are trying to collect personal information, including bank card data, from customers targeted by these communications.” At the time of writing, testimonies from targeted motorists have multiplied rapidly on social media. This is what prompted Ulys and Vinci Autoroutes to quickly speak out. Concretely, what does this scam look like? It all starts with a text message or email from Ulys.
Obviously, the hackers play on the urgency and demand the payment of a small sum (around €6.80 according to the numerous reports) to settle an unpaid bill. By clicking on the link in the message, users are redirected to an exact copy of the Ulys website. They are then asked to enter their personal information and bank details. Of course, everything is false, and the hackers are counting on your cooperation to quietly recover all your data and empty your bank account.
Warning! SMS phishing operation underway at Ulys toll booths. pic.twitter.com/Jc3Fs27Bke
— Signal-Arnaques (@SignalArnaques) May 30, 2025
Be vigilant if you take free-flow highways
As mentioned above, Ulys subscribers are the primary target of hackers, but other motorists can easily fall for it. This particularly applies to those who regularly use free-flow motorways managed by Sanef, such as the A13 or A14, for example. This is because drivers who use these sections must go to the Sanef website to pay for their fare within 72 hours.
This means you can quickly get caught out, especially if you've been late paying for a journey. “We left for the Ascension weekend and as I am used to receiving emails from Sanef for the A13, I barely looked at who was writing to me and I started the process of paying… Fortunately, I saw at the last moment that it was not like usual, that it was not the usual environment of the Sanef site…”, a retiree tells the columns of France 3 Normandie.
How to avoid falling into the trap?
First of all, you must first check the address used by the sender. In this case, and as Ulys details, all emails sent by the company end with:
- @ulys.com
- @___.vinci-autoroutes.com (examples: @facturation2.vinci-autoroutes.com, @e.ulys.vinci-autoroutes.com)
On the Sanef side, there is only one site for paying, namely https://www.sanef.com. Incidentally, Ulys reminds us that the company will never ask you to communicate your login details, passwords, or credit card numbers by email, SMS, or telephone. If you have ever received this type of message, do not hesitate to report it on PHAROS, the government platform dedicated to reporting illegal content/behavior on the web.
0 Comments