It’s the new trendy scam. Under the pretext of asking you to update your vital card, on the internet, scammers steal your personal information and those of your bank card. They then use it to extort hundreds of euros from you, either by making small purchases with your card, over the water. Either by pretending to be fake bank advisers.
Under this false identity, they call you under the pretext of canceling fraudulent transactions made with your credit card (the number of which they retrieved from the false Health Insurance site). They ask you for your codes to supposedly cancel purchases made with your card. Thinking you are confident, you are actually … validating purchases for them …
To avoid falling into the trap, it all starts with an SMS. If you receive a message asking you to update your vital card, be careful!
No update online
“The vital card has never been updated on the internet! It is updated on specific terminals in a pharmacy or at your doctor’s office. And the Health Insurance already has the essential information about you: your name, your date of birth… It could possibly ask you to confirm them, in your personal space, but not to indicate them for the first time”, puts in Jean- Jacques Latour, expert director at www.cybermalveillance.gouv.fr.
A few things to know before filling out a form asking you for personal information. “L’Assurance Maladie never asks for the transmission, by email or SMS, of personal elements (bank details, medical information, social security number, or password). Only exchanges of information via the ameli account are secure”, specifies the Health Insurance on its official website.
Check sender address
To make sure that a message comes from Health Insurance, remember to check the address from which the message comes. By email, it’s email@example.com.
It is more difficult to identify the sender of an SMS. This is why scammers are increasingly using this means of communication. In addition, by clicking on the link from your smartphone, the link is sometimes less readable in the navigation bar. However, remember to look, even if it means doing the process on your computer so that the link is more readable. If the address is ameli.com and not ameli.fr, you are on a fraudulent site!
“In case of doubt about the authenticity of a link to the ameli account, it is possible to position the mouse cursor on the link, without clicking on it, in order to display the address to which it points and check thus its likelihood (on a phone, long press on the link). Failing this, it is recommended to go to the Health Insurance website, or on the ameli application from your mobile phone or tablet to connect securely to your account”, specifies Health Insurance.
Vigilance on the phone
Scammers who have taken your information by phishing trust you on the phone because they have specific information about you. When they call – sometimes going so far as to display the number of your bank branch on your screen – they list your name, your address, and even your credit card number. You think you’re with your real advisor… when they use the information you provided on a fake site to suck up your data.
“The tax number, connection identifiers, etc. to connect to the accounts of other administrations, such as taxes, are not requested by the Health Insurance, whether by telephone or by email. However, it is important to know that in some cases, to secure calls, Health Insurance advisers may ask for some of the bank details, but never all of them, and never any password, even temporary. , specifies the health insurance.
What to do in case of scam?
If you find yourself being the victim of fraudulent use of your banking information, file a complaint immediately.
Notify your bank to oppose your credit card.
And report the maneuver of which you have been the victim to avoid others the same misfortune. You can indicate the address on which trapped you to Phishing Initiative which will request the blocking of this site as well as its deletion.
If it is an SMS, report it on the 33 700 platform or by SMS to 33 700. These services will block the sender of the message.
If the fraudulent message is in the colors of FranceConnect, it should be reported by forwarding it to the following address: firstname.lastname@example.org.
And warn the government platform which provides information on this hacking and explains how to protect yourself from it: cybermalveillance.gouv.fr.