It was to be expected. A few weeks after the theft of data from Free, a wave of scams targeting the operator's subscribers began to surge online. The increase in scams was spotted by Centho, a young expert in the fight against scams, who is very active on X.
The Internet user indicates that he noticed “a wave of scams specifically affecting Free customers” following a “multiplication of reports” on the social network Reddit. On the platform, the testimonies all relate the “same scenario”.
Also read: Cyberattacks in France – the latest data leaks and companies affected
A horde of fake banking advisors
In all cases recorded, the hackers who exploit the data stolen from Free pose as customer advisors. They pretend to work for your bank and spontaneously contact you. Firstly, you will receive an SMS which impersonates your bank. It will be recalled that the telephone numbers of Free subscribers have in fact been compromised. Some of the victims are users of the online bank Revolut.
Hackers use a technique called “spoofing”. It consists of falsify the call number displayed on the victim's phone to make it appear to come from a legitimate source. De facto, they “can show ANY NUMBER, even your real bank number”with en garde Centho.
If you do not react to this first approach, the hackers will make a phone call. This is where a scammer will try to pose as a customer service employee at your bank. To fool Internet users, they will use the information in their possession.
“A number calls me saying it's Revolut, it gives me my last name and knows my IBAN », testifies an Internet user on Reddit.
Also read: Bank scams: why you should request reimbursement from your bank
False fraudulent transactions
By evoking this data, the hacker wants to give the victim confidence. Subsequently, the scammer pushes the vice by mentioning the cyberattack that hit Free. The mention of the hack must explain why your bank is contacting you. The fake advisor claims to have blocked a fraudulent transaction of 1800 euros from an online betting site.
By exploiting Free data, creating a “false emergency” and pretending to be “the security service” from your bank, hackers are trying to extort money from you. To this end, they will convince you to install a malicious application, which could steal your banking code, or persuade you to communicate to them access codes received by SMS. These authentication codes, sent by your real bank, will open the doors to your account for them. It is from this moment that thieves can debit your account.
More than ever, we recommend that you be careful and never communicate sensitive information over the phone. As a reminder, a bank will never contact you to ask for information or to respond to fraud. If any activity is suspected, your card will simply be blocked. In the case of an online bank like Revolut, you will be informed directly in the application installed on your smartphone. If you have any doubts, cut the call short and contact your bank through the official telephone number. This is the most prudent solution available to you.
Also read: Data leaks: yes, your IBAN can be used by hackers to make purchases
Although it appears that the data stolen from Free was ultimately not sold, samples were released by the hackers. De facto, all cybercriminals who frequent BreachForums, the criminal forum on which the data is sold, were able to access sensitive information about the ISP's customers. For example, 100,000 IBANs, out of the five million compromised, were distributed free of charge by the hackers.
As Centho points out, hackers also target SFR customers. Mirroring Free, the operator in the red square was the victim of a cyberattack last September. Hackers stole the data of 50,000 subscribers. In short, now is the time to be extra careful.
???? To not miss any news from 01net, follow us on Google News and WhatsApp.
Related News :