Be careful, as the Christmas holidays approach, package scams are increasing! Dozens of .fr domain names imitating those of Mondial Relay have just been registered, with the aim of attracting Internet users to phishing pages. Caution !
As the end-of-year holidays approach, more and more French people are turning to e-commerce sites to do their Christmas shopping and find original gifts to please their loved ones. Also, package delivery will experience a peak in activity, and cybercriminals intend to take advantage of it! To do this, they send SMS informing of a logistical error which prevents the delivery of a package, or they pose as a delivery person who claims that the package does not fit in the mailbox.
The preparations for the scams have already begun! Nicolas Pawlak, a Linux system administrator, sounded the alarm in a post published on Linkedin. During his daily monitoring, he noticed a strong increase in fraudulent .fr domain names (for France) targeting Mondial Relay. Their goal: to deceive distracted Internet users by luring them to phishing pages. No less than twenty names were submitted in just eight days! You’ll have to be careful!
Mondial Relay scam: domain names close to the originals
Even if they are completely fraudulent, the domain names look, at a cursory glance, quite credible. They seem to lead to help or assistance, complaints, delivery scheduling or even delivery service support pages. However, if you pay closer attention, you can spot spelling mistakes (“global relay”). Something to alert you!
These addresses can be integrated into phishing emails, in order to deceive the victim. If she clicks on one of these URLs, there is no doubt that she will find herself directed to a fake site which will imitate the original, often using the official logo and the graphic charter of Mondial Relay. Thinking that she is on the official site, she will then be asked to enter personal information, such as her username, password, email address, telephone number or, worse, her bank details, and thus fall into the trap !
We can only hope that Afnic, the registration office designated by the State for the management of domain names in FR, deletes them quickly! But waging this fight is like fighting the Lernaean Hydra: when one domain name is deleted, three are registered! If you ever encounter a scam of this type, report it to the site internet-signalement.gouv.fr. You will find advice on how to protect yourself from this on our practical sheet.