Week after week, data leaks are constantly increasing and their consequences are becoming more and more concrete in the daily life of the French. Each day, phishing campaigns seek to deceive their targets with emails, calls and SMS with very convincing pretexts. Recently, many people have received false messages allegedly sent by Netflix, explaining that their account was going to be suspended due to a payment problem, in order to push them to provide information.
At the start of the school year, it was Free Mobile that served as a pretext for the scammers, with an alarmist email evoking a new European law to bring them to verify their information. For several months, a campaign has also been circulating in the colors of Amazon Prime, claiming an expensive subscription to a family subscription to encourage victims to return their precious information.
The novelty is that all these messages now display the real Iban of the victims to strengthen the illusion of their approach. The banking identifier is associated with their email or customer number. Messages so realistic that they become disturbing for the victims.
The consequence of massive data leaks at Free, Bouygues and SFR
These refined spams are the direct consequence of the massive leaks of data observed in recent months with telecom operators. Since the end of 2024, nearly 30 million French people have been affected by the hacks suffered by Free, Bouygues Telecom and SFR. And almost half saw their stolen Iban.
In theory, it is not possible to take money only with an IBAN. But combined with other data, this information can quickly become a weapon. Cybercriminals can make false samples mandates, divert payment by modifying an IBAN in an email or even make other scams more credible, such as that for false banking advisers. These elements can also be mobilized in attempts by Sim Swap, the usurpation of a telephone line to recover the codes of access to one person’s online accounts.
The gestures to adopt on a daily basis to protect oneself
Vigilance is essential in the face of these increasingly sophisticated scams. It is essential to closely monitor your bank accounts. The law gives 13 months to challenge a suspicious operation and be reimbursed. Then, adding protections makes it possible to limit the risks: you can ask your bank to set up a white list. In this way, only authorized creditors will be able to take you. Another option: activate the compulsory validation of new mandates in your banking app.
In parallel, we regularly change your passwords, with a sequence of complex and unique characters, and above all, we activate the double authentication. It is possible to activate additional barriers, via dedicated applications like Google or Microsoft Authenticator, to block access to pirates. We also look at its access to France Connect, which can become the gateway to administrative spaces and activate the connection alerts to be warned at each access to one of its accounts.
On a daily basis, finally, we do not click on suspicious links and we never transmit our personal data by email or SMS. If in doubt, contact the organization concerned yourself, without going through the links sent to the messages. In summary: always have a proactive approach.
Now find “the Digital Golden Rule” every Saturday at 6:53 am in “RTL Weekend” presented by Stéphane Carpentier.
How to sail on the internet safely? What are the settings to configure to protect your personal data? How to locate scams online before falling into the panel … Benjamin Hue, a journalist specializing in new technologies, answers here the questions you ask about digital and your daily online.
