Last January, Christine and Yves began their efforts to build a swimming pool in their garden in Yvelin.
The couple called on a trusted craftsman, Matthieu Legrix, recommended through a friend.
In total, the cost of the operation amounts to 14,000 euros.
Once the deal has been concluded, the pool specialist sends an email at 9:30 p.m. with a deposit invoice and his RIB (bank account details).
Christine receives it at 10:15 p.m. and makes three transfers on January 26: 4,000 euros from her personal account, 3,000 euros via her professional account and 7,000 euros from her husband's account.
Read also“I lost 50,000 euros in a single transfer”: these French people scammed by false investments in nursing homes
“
I called my client on January 31, out of courtesy, not receiving any payment from her
,
” says Matthieu Legrix.
Christine then told him that she made the transfers to a Boursorama RIB, mentioning the name of the craftsman and his postal address.
She even received a thank you email with the message
“we have received the funds
”.
Problem, Matthieu Legrix is a client of the CIC bank and has no account with Boursorama.
It was “
by filing a complaint the next day that the police told me that my mailbox had been hacked.
We were victims of a scam with fake transfer orders
,” he says.
It took a little over thirty minutes for the hackers to intercept the sending of the email and modify the RIB as an attachment.
These hackers “are real professionals”
For Romain Basset, director of customer service at cybersecurity company Vade, “
These attacks started about two years ago, mainly targeting companies.
But, for 6 to 12 months, individuals have also been affected by these hackers
.
Their method is well established, they first infiltrate a mailbox and monitor the exchanges relating to payments.
Then, they only have to modify the emails by replacing the attachments.
"These are not hackers in cybercafés in Africa, they are real professionals
", states Jean-Jacques Latour, head of cybersecurity expertise at cybermalveillance.gouv.fr.
On the site, this article discusses the procedure for victims: first identify fraudulent transfers and then request the return of funds to the bank.
You must then keep the evidence, change the password to your mailbox and file a complaint with the authorities.
Since it went online in early 2021, the page has been viewed more than 37,000 times.
Devices to protect against attacks
Jean-Jacques Latour and Romain Basset agree on one point, that of making a phone call for any transfer request.
The aim is to check the information sent by email, in particular the concordance of the numbers and if the RIB begins with "FR76" or if it comes from a foreign country.
In order to counter the risks, the director of customer service at Vade advises using a strong password for his mailbox and two-factor identification.
Read alsoA real estate developer victim of a “president scam” of more than 35 million euros
“
On some mailboxes, such as
Gmail
, it is also possible to display the last logins to your account.
For example, if an activation appears in Asia, at 6 a.m., it is unlikely that it is the real user
”, points out Romain Basset.
To access this data on Gmail, simply click on “Manage your Google account”, then “data and privacy” and activate the location history.
Finally, Christine and Yves recovered their 14,000 euros on Monday and paid Matthieu Lagrix by check, to avoid any new scam.
For its part, Boursorama blocked the fake account on February 1 for "suspicion of fraud", without giving further details.
