Taking advantage of the recent tax return, scammers are sending text messages alerting them to “suspicious activity” on their prey’s account. A classic phishing scam designed to steal their bank details.
Fraudulent SMS campaign, identity theft, fake transfer order scam, premium number scam… Tax services regularly warn Internet users and taxpayers about this against what has become a real scourge. And there is plenty to do, especially right now! Indeed, from April 13 to June 8, taxpayers were called upon to complete their tax return for the year 2022. Blessed bread for scammers, who take advantage of this to launch new phishing campaigns by posing as the public finance department.
Journalists have spotted a phishing campaign, conducted via SMS, which indicates that “your account is being verified. To reactivate access to your personal space, identify yourself via” followed by a link. This leads to a clone site of the real official tax site. The webpage tells you that“suspicious activity has been detected on your account. Please authenticate to restore access to your personal space” – we spare you spelling mistakes. You are then asked to enter your tax number and your password. Of course, these will be harvested by cybercriminals, who can then resell your personal data on the Dark Web – a tax form contains a lot of valuable information – but also trying to create fake accounts once you have your login details or resetting your password to steal your identity.
Tax scam: fraudulent clone sites
Of course, there are variants to the scam. One of them comes in the form of an email announcing (very) good news, namely that the Public Treasury has decided to proceed, in your favor, with a tax refund, most often amounted to several hundred euros. “We are pleased to inform you that, following our processing of your tax return, we have calculated that you are entitled to a tax refund in the amount of €115.49”thus announces one of the messages spotted last April by 60 Million consumers. A boon in this period of inflation and compression of purchasing power.
But be careful, it’s a trap! Because before paying you money, the real-fake tax services behind which the scammers hide must first make sure that the information about you is correct. And to do this, you are invited to fill out a form – branded in the colors of the site Impots.gouv.fr – where you are asked to enter your bank details. According to the website 60 Million consumersthis type of scam has become so frequent in recent days that the DGFiP (the General Directorate of Public Finances) had been forced to close accounts targeted by hacking attempts as a preventive measure. So don’t fall for the trap!
Tax error message: how to spot the scam?
To avoid being robbed, adopt a few good reflexes. First, check the message for spelling errors. If so, no need to push your investigations further, it is a scam! If it is an SMS, observe the telephone number: the Ministry of Finance will never contact you with a number beginning with +33, 06 or 07. Similarly, even if it is not always easy to spot this type of scam when you check your emails on the move on a smartphone, it’s always good not to rush, to take the time to sit down and check things, starting with dialing the address email that was used to send you this fraudulent message. Admittedly, the scammers may have had the good idea to create an address close to the official address, but since they are not always Nobel Prize winners, you can count on the fact that they use a most eccentric email address. In the case of 60 million consumers, the sender address was [email protected]. Nothing to do with the Department of Public Finances!
Second important element, if you clicked on the phishing link sending you to the fraudulent site, take care to check the URL, that is to say the address of the site to which you were redirected, before communicating any personal information and, a fortiori, your bank details. As a reminder, the address of the official website is www.impots.gouv.fr. Again, take your time, and better still check things out for yourself by logging directly into your personal account, identifying yourself securely via France Connect. You will then very easily see the deception. Finally, it is important to keep in mind that the tax authorities will never, ever ask you for a bank card number for the payment of a tax or for the reimbursement of a tax credit, neither by e-mail, nor by SMS, nor by any means whatsoever.
If, despite everything, you are trapped, which unfortunately can happen, contact your bank as soon as possible and follow the recommendations given by the official prevention site. cybermalveillance.gouv.fr. Change your password and contact the tax department as soon as possible at this address. Finally, don’t forget to report the fraudulent message to the following Signal Spam services, Pharosor directly to 33700 if you have been the victim of a – successful – phishing attempt – or phishing in good French – by SMS.