A cybercriminal located in Algeria has managed to defraud 1,700 customers of Crédit Agricole, the leading French bank, by recovering their banking data.
For the hacker to achieve this feat, the Algerian computer scientist simply recreated a copy of the bank’s interface and then lured the customers to fill in their account numbers and passwords. The trick was to retrieve the credit card information then and transfer their money.
The specialized site VPN Mentor has noted the information and explained the process used since October 2020 by a small genius of computer fraud based in Algeria.
It explains that the person or persons behind the scam have created a site that looks like two drops of water to that of Crédit Agricole, the first French bank for individuals. They then installed a phishing system on this site.
Phishing is a scam where the author sends fraudulent emails or SMS, presenting it as a legitimate company or organization. But the URL address, i.e. the link to the website, does not actually send them to the bank’s official website but to a copy of the website managed by the hacker, which VPN Mentor explains.
The simple objective is to get the future victims to perform operations for which they give their bank identifiers and account numbers, credit card numbers and the secret code that goes with it. The fraudster then only has to use this information to empty the victim’s real account.
All the data collected was automatically sent to a Telegram account belonging to the scammer to notify them every time someone enters his details in the phishing kit, says VPN Mentor, which estimates that 1700 people in France have fallen for the trick.
The Crédit Agricole has confirmed the existence of the fraud, considering that it was “a widespread phenomenon especially in financial activities” but also clearing itself of responsibility, considering that its security measures are among the most protective existing and that it can therefore not be held responsible for the scam.
In conclusion, always be wary of the emails or SMS you receive, which may lead you to give your banking information. Also, always check the address that appears in the navigation bar to see if it is really your financial service and not a copy.