DayFR Euro

This very convincing fake notary email claims that you are heir to an estate

A new phishing campaign exploits emails from notaries to send false inheritance documents to Internet users. These fraudulent pages are used to steal credentials.

A new phishing email variant is currently arriving in inboxes. Reported by a cybersecurity expert, this message is sent from a legitimate, potentially hacked, notary office and claims that a confidential file is being sent to you. To deceive their targets, the hackers cleverly copied the visual identity of the notary offices, adding the logos of and partners of the 2024 Olympic Games. The email invites the Internet user to enter the email address to be redirected to a Legitimate download page from Orange.

The fake login page. // Source: Julien Leroy

Cyberattacks: when humans are the weak link

With U-Cyber ​​360°, the French company Mailinblack allows you to protect your organization and educate your employees in cybersecurity.

From the password manager to email security, continuing training and attack simulations, this solution brings together all the tools to prevent cyber risks.

Once opened, the document asks for identifiers – email and password – to access the information. A priori, the file “ inheritance tax » is “ just a simple page, with no apparent malicious code », Indicates Julien Leroy, IT security administrator. By analyzing the page’s code, the cybersecurity expert discovered that it links to an automated bot on Telegram designed to scrape credentials. “ As a result, there were no detectable viruses, malware, or other threats that would trigger an alert on security tools » specifies Julien Leroy.

The download page on Orange. // Source: Julien Leroy

This method makes it possible to dodge the security filters of messaging services, while automating the sending of thousands of emails, to recover data from victims who have fallen into the trap.

How to Spot These Notary Phishing Emails

Notary offices are regularly targeted by pirates. In many cases, they are difficult to distinguish because cybercriminals use legitimate addresses. To avoid giving your credentials to criminals:

  • Contact the notary office directly, by telephone or e-mail, to ensure the legitimacy of the message.

If you have already given your login details, quickly change all the passwords for your many accounts on the web.

To go further

What is the best password manager?
What is the best password manager in 2024?
Find our complete tests


-

Related News :