A new scam targets Orange subscribers claiming a change in contract and inviting them to consult their bill. A classic but effective phishing attempt to steal their personal data
Several Orange subscribers are currently victims of a phishing campaign. As reported by our colleagues from Phonandroid, this scam goes through an email that mistakenly imitates the operator’s official emails. In the email, the scammers make their prey believe that their Orange contract has been modified, indicating that a loved one can no longer benefit from the preferential rate granted thanks to the Internet offer they have subscribed to. By clicking on the link embedded in the message to find out more and correct the problem, the victims come across the login page for their Orange customer area… and naively provide their username and password, without suspecting that they are fell into a trap. Because the only purpose of this fraudulent message is to recover this valuable information.
Phishing Orange: a scam to recover identifiers
The scam is particularly well put together. Not only does the email perfectly reproduce the graphic codes of Orange, but the login page is a perfect copy of the real one. Neat counterfeits, intended of course to deceive unsuspecting users, by playing on their anxiety and haste. As always in this kind of usurpation, several details should give the alert.
First, the address of the sender of the email – [email protected] – does not correspond to the official contact addresses of the operator. Then, the message has, on the end, a small spelling error. Subtle, sure, but it’s the kind of detail that should grab attention. Finally, the relative mentioned in the message is a complete stranger, unrelated to the target! And to top it all off, the URL of the pseudo login page obviously does not correspond to the address of the real client area, which can easily be checked by checking it in the browser bar… Very classic, then, but which enough to mislead users uninformed of the methods of scammers, or not very comfortable with computers and their intricacies.
As we know, telecom operators are often the target of scammers, who seek to recover personal information (telephone number, identifiers, passwords, etc.) to set up new scams by exploiting compotes and bank details. And Orange customers are a target of choice, because of their number. Thus, only a few weeks ago, a phishing campaign encouraged the operator’s subscribers to quickly switch to fiber or risk losing their Internet connection.
If you are an Orange customer, be very attentive to the content of the messages you receive at the moment, even when everything seems normal like here. If in doubt, consult the Orange support page dedicated to phishing and spam. Sometimes, a simple spelling mistake is enough to put the flea in the ear…