Be careful if you receive an email from Ile-de-France Mobilités informing you that you are eligible for a refund of your Navigo Pass: scammers are currently sending fraudulent messages linking to a booby-trapped site!
The public transport network in Île-de-France is (too) often the victim of disruptions, which make travel very difficult for users. Between strikes, delays, bad weather, heavy crowds, slow traffic and even forgotten luggage – this list is not exhaustive – it is sometimes very difficult to travel in the region. Especially since the price of the Navigo pass continues to increase – it went from €75.20 to €84.10 per month between 2022 and 2023, then to €86.40 in 2024.
Also, Île-de-France Mobilité regularly organizes reimbursement campaigns, to compensate users who have not been able to use transport correctly on a recurring basis. A boon for scammers, who use this motive to try to scam users with fraudulent emails and clone sites very similar to the original. Be careful, because a journalist reveals the return of this well-known scam via a phishing email received on November 13.
A most bizarre scam:
– the sender is not IDF Mobilités
– the link opens an address “fuzetea-bieanfrais”
– first attempt: rerouting to the real IDF mobilities site!
– second attempt: routing to the scam site which will attempt to regain access to your account pic.twitter.com/ok6aHo9UyQ— Alexandre Lenoir (@alex_lenoir) November 13, 2024
Navigo Pass Scam: a fraudulent clone site of Île-de-France Mobilités
The scammers went to great lengths to be as credible as possible, by using the company’s aesthetic and logo. There is even a file number! The message indicates that, “due to recent transport strikes, inflation in France and the Paris 2024 Olympic Games”travelers “are eligible for a refund of 37.60 euros”. More than welcome help, as the end-of-year holidays and the countless expenses they entail are fast approaching!
The email encourages victims to click on a link in order to “connect to the compensation area”. The Internet user is then redirected to a clone site of the Île-de-France Mobilités site where he is invited to give his identifiers. Obviously, everything will be sent to hackers, who will be happy to access your account and sell your personal information to the highest bidder. No detail is overlooked! Sender address, mobility[@]navigo-support-fr[.]com, is credible, and the fraudulent site even takes the trouble to link to the real Île-de-France Mobilités site.
To avoid being fooled, always check the sender’s address of the emails you receive. Normally, RATP should contact you via “[email protected]” or “[email protected]”. Also check the domain name. When in doubt, it is best to always log in to your account, through the official website or application, and never from an email. If you are ever the target of an online or SMS scam, immediately forward the message to 33 700, a platform specializing in reporting scams, to Signal Spam or to Pharos. You can also report these fraudulent messages to the site internet-signalement.gouv.fr. Then block the sender’s number to stop being bothered.