Nearly 5 million people recently received a strange email asking them to change the password of one of their accounts. And contrary to appearances, it is a very important official message.
You probably receive many alert messages, whether by email or SMS, asking you to resolve any problem. Fine to pay, Netflix subscription or Vitale card to renew, attempt to connect to your Facebook account, undelivered package… Any excuse is good to make you click on fraudulent links, which generally contain malicious software or redirect you to a fake site to steal your personal and banking data. And to do this, cybercriminals do not hesitate to usurp the identity of large companies, such as Meta, Google or even Amazon, and French organizations, such as ANTAI. In short, over time, you become suspicious. And you’re right, especially at this time, when the Olympic Games are fast approaching and cyberattacks are multiplying like hot cakes.
Like nearly 5 million French people, you may have received a suspicious email with the subject “Secure your Chèque-Vacances account”. This email informs you that the platform of the National Agency for Holiday Vouchers (ANCV) has been the victim of hackers and invites you to change your password. “The ANCV has been the subject of connection attempts to Chèque-Vacances user accounts by malicious actors who use data obtained elsewhere. […] As a preventive measure, we ask you to change the password allowing you to access your Chèque-Vacances account., we can read. So, scam or official communication? You can let your guard down, this is the second option.
As a reminder, Holiday Vouchers were dematerialized in 2022, which made them easier to use to pay for various services online. This ease of use, highlighted by the ANCV, has led to a significant increase in their use, with more than 66 million euros spent through these checks. For example, you can pay for your train tickets online using these checks. When paying on the SNCF website, simply log into your ANCV account to collect the invoice amount. However, this digital transition also opens the door to new vulnerabilities, as recent attacks demonstrate.
The extent of the data theft has not been revealed and the ANCV does not provide details on the subject. However, it is strongly recommended that beneficiaries take the necessary measures and follow the agency’s recommendations. Indeed, changing your password would help prevent your balance from being stolen. And even if the latter is currently at zero, we still advise you to do it, because the hackers could connect again in a few weeks or in a few months, when you have been credited again, and use it without your knowledge.
For those who deleted the email, fearing it was a phishing attempt, know that you can still protect your account. Just go to the ANCV website and click on “Connect”. The page to access your account opens and you must click on “I forgot my password”. All you have to do is follow the procedure to modify it. Please note, the new password must be unique and contain at least twelve characters of four different types: lowercase, uppercase, numbers and special characters. If necessary, you can always use a password manager.