During an OSINT (Open Source Intelligence) session that I’ve conducted, I feel compelled to share an urgent CyberAlert regarding a potential threat targeting SNCF (Connect). During my investigation, I uncovered concerning information that warrants immediate attention from relevant authorities.
Here are the critical findings from my OSINT investigation:
-
Domain Name:
www.sncf-promotion-carte-avantages(.)com
-
IP Address:
(Shared IP)
-
Location:
United States (Hosted on Dynadot)
This domain name, although slightly altered from the official SNCF Connect, raises significant red flags. We can see that the cybercriminal used the same template as the official website of SNCF Connect, such domain, in order to steal data from users based in France (Credit Cards information, Names, Addresses..)
As someone deeply invested in cybersecurity, I urge everyone to remain vigilant and take proactive measures to safeguard against potential cyber threats. By sharing this information, we can collectively work towards preventing a future cyber attack and informing the relevant authorities to take necessary actions.
I encourage you to spread awareness by sharing this post and informing others about the potential risks associated with the mentioned domain name. Additionally, I invite Air Algérie and cybersecurity experts to investigate further and take appropriate steps to mitigate this threat.
Cybersecurity is everyone’s responsibility, and together, we can make a difference in protecting our digital assets and ensuring a safer online environment for all.
#cyber #sncf #OSINT