Several European Union domain names have been used by criminals to promote free streaming sites. These links are actually traps to steal banking information.
The real challenge of a hack lies in how to present the trap to the victim. Rather than sending phishing links that will end up in spam, a team of hackers has hijacked sections of the European Union to promote free streaming sites.
You can do the test: when you type the domain name ” europa.eu free movie you will come across links to watch the latest blockbusters, including a PDF file. The domain name of this online PDF is “ https://school-education.ec.europa.eu », or the page dedicated to education in the EU. The file in question gives instructions to watch recently released movies for free, without registering on streaming platforms.
We followed the link that prompts to open an account first. After filling out the information page, the site ends up asking for bank details, a very common technique among hackers. The same scheme is used when criminals create clones of Netflix or Amazon.
Scams featured on Google
The first concern is that the phishing link goes very high in Google’s ranking, thanks to the importance and legitimacy of the europa.eu domain name. Internet users who seek to circumvent streaming platforms to find free movies could perfectly come across these files.
The other concern relates to the security of the public portals of the European Union. Several specialized sections allow researchers to deposit files so that they can be read by everyone on the web. Criminals only have to open accounts and use this same option to upload their fraudulent PDF. The Joinup platform – on digital issues – was, for example, affected by this technique: the EU recently temporarily banned the creation of new accounts on this page. Other sections such as education, the European chemical society or the observatory on nanomaterials are also targeted.
A cyber expert reported this domain name hijacking to us. He usually alerts CERT – the Computer Incident Response Team – who immediately deletes these pages, but many manage to fly under the radar. Contacted by Numerama, a Commission spokesperson replied:
” The europa.eu domain is an important asset used by EU institutions, bodies and agencies as well as the public and which, unfortunately, can become the target of malicious actors. The Commission makes every effort to prevent such incidents, for example by constantly improving the rules and tools for publication and web protection, as well as moderation. In the event of such fraud, suspicious content is removed as quickly as possible. An attentive audience is very useful. »
You can send an email to [email protected] if you spot a fraudulent site.
Build the future of Numerama with us by answering these questions!
