Cityscoot asks its customers to be “vigilant”. It could be a sign that a phishing campaign is underway.
On the morning of July 23, Cityscoot sent its customers a phishing prevention email. Without giving a specific example, the company gives general advice on how to recognize fraudulent messages.
The company reminds customers that its emails are sent from an address ending in cityscoot.eu, its official domain name, and invites them to report any other email address that uses its identity.
This message could be a sign that a phishing campaign is currently targeting users of the service. Contacted by Cyberwar, Cityscoot has not yet confirmed the existence of such a campaign.
If you have received a phishing email imitating Cityscoot, you can send it to us at email@example.com. We will then be able to analyze it and better warn the targets of the campaign.
Checking the email address is not enough
The purpose of a phishing email is to push the target into making a mistake by posing as a legitimate message. The objectives vary from case to case: some phishing emails try to get the target to fill out fake login or payment forms, others try to get them to download malware disguised as something harmless. Most often, the operators of malicious messages want to recover personal information (email, phone number, address), identifiers (pseudonyms and passwords) and, above all, banking information. This data will then either be exploited directly by hackers or sold on black markets to other criminals.
Be careful: contrary to what Cityscoot’s email suggests, checking the address of the sender of the email is not enough. For good reason: with a very simple manipulation, a resourceful thief can change the address that is displayed. So you will see that the email comes from “firstname.lastname@example.org”, for example, while it was sent from another email address. To confirm that the address displayed corresponds to that of the sender, you have to go to the header of the email, which is not necessarily understandable by everyone.
But you don’t have to be comfortable with computers to recognize a phishing email; you just need to follow a few digital hygiene measures.
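For readers who do want to look at the header, here is a sketch of the check described above. It is an added example, not code from Cityscoot or from the original article. The sample message is constructed, all host names other than cityscoot.eu are placeholders, and it assumes the receiving mail server records an `Authentication-Results` header.

```python
from email import message_from_string
from email.utils import parseaddr

EXPECTED_DOMAIN = "cityscoot.eu"  # official domain named in the article

# Constructed sample message (not a real phishing email); hosts are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=cityscoot.eu
From: "Cityscoot" <contact@cityscoot.eu>
Reply-To: support@cityscoot-help.example
Subject: Your account

Hello
"""

def domain_of(header_value):
    """Return the lowercased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def check_sender(raw, expected=EXPECTED_DOMAIN):
    """Return a list of warnings about the sender-related headers."""
    msg = message_from_string(raw)
    warnings = []
    # The real address inside <...>, not the display name shown by the mail client.
    if domain_of(msg["From"]) != expected:
        warnings.append("From domain is not " + expected)
    # A different domain here is a reason to look closer, not proof of fraud:
    # legitimate bulk-mail services can differ too.
    for name in ("Return-Path", "Reply-To"):
        d = domain_of(msg[name])
        if d and d != expected and not d.endswith("." + expected):
            warnings.append(name + " points to " + d)
    # Verdicts recorded by the receiving server (RFC 8601). Only trust the
    # header added by your own provider; a sender can insert fake copies.
    results = " ".join(msg.get_all("Authentication-Results", [])).lower()
    for method in ("spf", "dkim", "dmarc"):
        if method + "=pass" not in results:
            warnings.append(method + " did not pass")
    return warnings

if __name__ == "__main__":
    for w in check_sender(SAMPLE):
        print("WARNING:", w)
```

In the sample, the `From` line shows the official domain, yet the DMARC failure and the mismatched `Reply-To` reveal that the message did not come from it.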