Health Insurance is once again the target of a phishing campaign. This time, hackers exploit the image and visuals of the organization and use the pretext of the expiry of the vital card to trick users. Via a fake site, hackers hope to recover personal and banking data.
Clearly, health insurance is regularly targeted by hackers and crooks on the web. It must be said that the organization is used by millions of French people. As a result, cyber scammers do not need to be asked for copy the image and visual codes of Health Insurance to trick users.
Already in early March 2022, the Ameli site was hacked and the personal data of 510,000 French people ended up for sale on the web. This time it’s a whole new phishing campaign. Indeed, the scammers pretend to be Health Insurance and send SMS to users tor warn them of the imminent expiry of their vital card.
By clicking on the link contained in this fake text message, users are redirected to a fraudulent site that uses the interface, design and logos of the Health Insurance. Unsurprisingly, Internet users are asked to fill out a form to “update the information contained in the card” such as surname, first name, email and postal address and finally the bank card number.
Also read: Beware of these fake job ads, they threaten to steal student money and data
A perfectly executed carte vitale scam
Regarding this last data, the hackers ensure that an update of the banking information is necessary for the sending of your “new vital card”. Besides, you will have to pay between 0.95 and 4.90 € in administration fees. As you will have understood, your vital card will never arrive, and the scammers will take advantage of this to empty your account thanks to the banking information provided. In the first place, Health Insurance reminds that a vital card never expires. Once you know this, you are able to detect these types of scams much more easily. In addition, the Health Insurance specifies that:
- There is no folder reference in the subject line of the emails she sends
- No personal data will be requested by email.
- The organization never asks for reimbursement validation
- The organization never presents itself as customer service
- Nothing is written in red in the emails sent to the insured
In case of doubt about the origin of an email or an SMS, Health Insurance advises to systematically go through its Insured space by logging in manually via the official website.