This phishing campaign against Carrefour uses a “reward survey” scheme to steal credit card data and register victims for hidden subscriptions, often promoted via social media. The multi-stage attack involves fake surveys and “lucky” games, designed to trick users into paying a small shipping fee, which is actually a pretext to capture sensitive banking information.
Incident Report: This malicious interface was intercepted, verified, and locked down firsthand by the
Antiphishing.bizsecurity team during our automated link scanning workflows. To protect the public, the phishing source domain has been fully defanged within our infrastructure. We document and analyze these live visual patterns to help security researchers and users detect replica fraud techniques before financial damage occurs.
Screenshot 1 (Landing Page): Uses legitimate branding and fake social proof (comments) to establish credibility.
Screenshot 2 (Survey): Simple questions are used to boost engagement and reduce suspicion.
Screenshot 3 (Prize Game): A rigged box-opening game creates a false sense of winning to entice further action.
Screenshot 4 (Payment Form): Steals full credit card details (Number, Expiry, CVV) for fraudulent charges and subscriptions.
Protection Measures:
Verify the Domain: Official promotions only occur on the retailer’s official website.
Too Good to Be True: Large prizes for simple surveys are guaranteed scams.
Never Pay for Prizes: Legitimate companies do not charge fees to receive gifts.
Monitor Accounts: Check bank statements for fraudulent charges or unexpected subscriptions.