This Crit’air SMS scam is extremely well done

A phishing campaign based on the purchase of Crit’air stickers has been raging since the beginning of September. The malefactors carefully reproduce the official site to deceive the victims and recover banking data.

After health insurance and the CPF, criminals are targeting another public service site: the Crit’air platform. One of our journalists, owner of a scooter, received a misleading text message on September 20 inviting her to obtain the obligatory sticker in Paris. The message refers to a site that perfectly reproduces the aesthetics of the only official platform: https://www.certificat-air.gouv.fr/. The fraudulent domain name was filed on September 15, so the campaign is recent. The scam even goes so far as to include real redirect links to public service pages to trick victims.

An SMS referring to a fraudulent site. // Source: Numerama

This fake platform invites the Internet user to fill out a form, asking him for a lot of information, including his place of residence and his telephone number. We note that loading animations have even been added between each page opening.

Bank data theft

After having provided all the information, as one would do for a classic official document, the site asks to pay the sum of 2.95 euros to receive the famous sticker. The criminals make a mistake here, since the official price is 3.70 euros. The main thing is not there anyway, since hackers obviously seek rather to recover banking information to try to scam victims or make purchases without their knowledge.

phishing Crit’air
The fake site ends up asking for bank details after a form where the user gives personal information. // Source: Numerama

We have alerted the Ministry of Ecological Transition and Cohesion of this phishing attempt. The communication services replied that an internet watch has been put in place to limit the reach of malicious sites.

When we are informed of malicious sites, these sites are then blocked and a report can also be made to the public prosecutor. We recall on our official site and partner sites the following message: Beware of scams: the official Crit’Air site of the ministry does not send SMS messages to users to buy vignettes. Be vigilant and make sure you are on the correct address of the official site, namely https://www.certificat-air.gouv.fr/ replied the ministry.

The fraudulent site was closed after our report, but others have surely emerged and you are not immune to receiving, in turn, a message. Many Internet users have also reported having received text messages.

Since September 1, the cities of Marseille, Lyon and Rouen have inaugurated or extended the implementation of their low emission zone (ZFE), with the oldest and most polluting vehicles in the sights. The sticker will therefore be compulsory in these urban areas. Be careful to check the domain name of the site before making a purchase. There is no chance that the public service will inform you of this by SMS.

Malefactors find your number from cookies or data leaks on the darknet. Unfortunately, there is no solution to avoid receiving these sms, only caution counts.

For further

Hacker // Source: Nino Barbey / Numerama

Leave a Comment