Since its launch in 2019 has personal training account attracts massive crooks who seek to steal this money allocated to all French assets. It’s hard to get out of this harassment.
Our mailboxes are filled with personal training account (CPF) scams. Worse, it’s now by phone that the scammers are trying to trick you into recovering the money the French state has allocated. Between 2020 and 2021, 4,948 reports of CPF fraud were reported to the administration services, reports RTL. We explain to you how criminals have access to your data and what are the means to protect themselves from this spam.
What is CPF?
The personal training account is a device that helps French workers develop new skills over the course of their careers. A person acquires a sum of money – up to 5,000 euros – during the year, which allows him to choose a training course, funded by the state. As soon as you work, you can go to the specially created platform to see the acquired rights and the training available. The CPR number or a FranceConnect account is required to connect. Please note that there is only one website for your CPF: www.moncompteformation.gouv.fr. Everything else can be considered suspicious.
Why are you receiving these messages?
This dormant money attracts scammers who want to remove your account. If you receive so many emails, messages, even phone calls, it is to encourage you to log in to recover your identifiers. Since 2019, the CPF has been feeding a network of criminals. An SMS or email contains a phishing link to trick the victim into offering to connect to a fake platform. As soon as the attacker has recovered the users’ data, he uses the sum allocated to the CPF in a false formation.
The problem is that the certifying bodies are not paying much attention in the education verification process. Thus, some courses are limited to a few videos and a handful of files without much interest. Asked by Les Echos, Arnaud Portanelli, co-founder of the language training organization Lingueo, which originates from the Lilate certification, said: “For commercial reasons, some certification firms prefer the number of partners over the quality of the latter or do not feel concerned about practices in their network of partners”.
How do they get your number?
It is always quite intrusive to receive a suspicious message on your smartphone. The fact that the scammers manage to send you these messages probably means that your number was retrieved somewhere on the web. Your information may be requested when you open an account on a website. The latter may be the victim of a cyber attack. ” Typically, attackers find personal data in leaked databases. These files can be found on the darknet. Some hackers can resell all this information on specialized forums “, Explains Jérôme Soyer, CEO of Varonis, a company specializing in cybersecurity.
” They then use a phone number generator to send a generic message to thousands of people. This number will be deleted and replaced by another within a few days he says.
It is also possible to know if his email address has been leaked on sites like “Have I Been Pwned”.
Can we block them?
Yes, but there is nothing definitive to completely prevent these scams. You can report fraudulent or abusive cold calling on the SignalConso page and then sign up for Bloctel. This platform allows you to be removed from the list of numbers that are open for commercial calls, but nothing really prevents scammers from continuing to contact you, especially with new numbers.
It is also possible to report a link or fraudulent email address on Signal Spam or Pharos. Websites such as the Phishing Initiative, created by Orange Cyberdefense, allow you to test a link to find out if it really is a trap. In any case, it is always better to connect to the official site so as not to take any risk.