Recently, many frauds campaigns offering free Nike shoes here and IKEA vouchers of 500€ there have been going on. Last case in date, a fraudulent e-mails campaign announcing the winning of airline tickets with a nice value of 500€, graciously offered to the winners of a supposed contest proposed by Air France airline company. This scam has circulated around France and was shared on social networks, by e-mails and even relayed on WhatsApp.
A misleading typography: typosquatting
If we look at the e-mail in question, the link www.airfrạnce.com, inserted in the message, seemed to correspond to the official website address of Air France. Except for one little detail… The “a” of France is not a “a” of Latin alphabet but the “ạ” of Vietnamese alphabet. A single dot close then! Amazing case of typosquatting, a practice misleading web users by replacing, adding or deleting a letter in a domain name with the famous brand. Without enough vigilance, web users while thinking they are on a trusted website, could click on the link and find themselves redirected towards a page totally independent of the official website of the brand. On this page, a form to fill with their precious personal data in order to have a chance to win free tickets in this case. A confirmed scam.
The aim of these phishing and frauds campaigns is to collect as many personal information as possible. In other words, the identity thieves, the source of this kind of online attacks seek to obtain the e-mail, phone number and all interesting data of the tricked Internet user.
It was after the alert by Zataz website was sent, that Air France confirmed that it was indeed a fraud. It also encouraged web users to not consider this kind of message. It is also important to specify that the official website of the airline company is secured and authenticated by an SSL certificate, the browsers displaying the https://www.airfrance.fr
What to do in front of these attacks and how to prevent them
The first reaction to adopt is wariness on the user’s side. The more the offer and the benefit are attractive, the more cautious you should be. Don’t communicate your personal data via a form or by return of mail without checking beforehand the request’s authenticity.
Always check the final URL of the page on which you are redirected, be attentive to the typography. Generally, only the information on site are official. An SSL certificate presence and the proprietary data displaying are also good indicators.
On the brands owners’ side, a naming and defensive registration strategy allows to best protect its users. The efficient monitoring implementation will also allow to detect phishing attempts as soon as possible and to take action early in order to stop them.