These communications by SMS, telephone calls or e-mails usurp the name and logo of the Health Insurance in order to recover personal data or to call premium rate numbers.
Clues for spotting telephone fraud:
- When a few seconds of waiting elapse between the moment you pick up and the moment the interlocutor speaks, this waiting time can be the first indication of a connection with a fraudulent call platform.
- The fraudster tries to reassure the insured and elude his vigilance by using the name of the official public services or sometimes more generally of the State services with which he claims to work.
- The fraudster says he works for “ameli” or for “Health Insurance” or for the “digitalization service of FranceConnect in connection with Social Security” or for “the personal training account (CPF)”. He indicates that he wants to check the ameli account or the FranceConnect account or the CPF account of the insured. He asks the insured if he has received an e-mail (or e-mail) and as the latter answers no, the fraudster then offers to resend the e-mail. He indicates that he can only do so after having ensured the correct identity of the insured and asks for the e-mail address, social security number, password for the ameli account, etc. This is how access to the insured’s ameli account is recovered by the fraudster, who can then go to this ameli account to recover the data that interests him, or even to modify personal elements, such as the email address. or the account password.
- The fraudster can also use the identifiers of the ameli account to access sites such as that of the personal training account thanks to authentication by FranceConnect.
- The fraudster insists on the urgent nature of the procedure to be carried out.
Clues for spotting email (email) or SMS fraud
- The insured person receives an e-mail offering a chargeable online service for updating the Vitale card (whereas updating the Vitale card is totally free and can be done in most pharmacies).
- The insured person receives an SMS signaling the delivery of a new Vitale card or announcing that a reimbursement from Health Insurance is pending with a clickable link.
Faced with these attempts at fraud, how can you protect yourself?
Here are some good practices according to Health Insurance to put in place to protect yourself from these frauds which are more and more numerous.
To carry out a procedure or find informationit is important to visit official sites (such as ameli.fr or service-public.fr or government sites whose address ends with “.gouv.fr”).
It is recommended to verify the sender emails before opening them or performing the actions the message asks you to do.
When the Assurance Maladie sends an email to an insured’s personal mailbox and not to their ameli account mailbox, the sender that appears in the “From” field is “Your Assurance Maladie”. If the Health Insurance sends an information message or a newsletter, the e-mail addresses visible behind the sender’s name are health firstname.lastname@example.org Where email@example.com.
Be careful, fraudsters can use very similar email addresses with only a few different letters or characters.
© Health insurance
L’Assurance Maladie never asks for reimbursement validation; never presents itself as customer service; never asks for the ameli account password.
If a Health Insurance agent contacts an insured, he will always be able to prove his membership of the Health Insurance by indicating precise, numerous and correct information on the insured’s file.
An information notification is sent to the insured each time they log in to their ameli account.
Each time you log in to the ameli account, a notification from Health Insurance is systematically sent to personal messaging of the insured (the one he indicated in his ameli account). Its subject is: “Your ameli account – Connection information” and the issuer is “Your Health Insurance” (firstname.lastname@example.org ).
If the insured receives an email indicating a connection to his ameli account when he has not connected, or if the address which writes to him is not exactly this one, he must:
- immediately change their password in their ameli account;
- check if his personal data has been modified in his ameli account (telephone number, e-mail address, bank details);
- contact your health insurance fund very quickly to file a report and obtain the personalized steps to take.
Clarification: if the insured logs into his ameli account via the “ameli account” app using fingerprint login, this security notification indicating each login to his ameli account is not sent.
Please note: some sites offering connection to their personal account using a FranceConnect identity do not send messages each time they connect to the account, as Health Insurance does. It is then an email from FranceConnect (issued by email@example.com) which indicates that a connection has taken place (date, time of connection, account concerned by the connection and identity used for the connection).
Example: “A connection with FranceConnect took place on August 04, 2022 at 10:09 p.m. (Paris time) on the connect.ancv.com site with your Ameli.fr account”.
If it is not the account holder who is connected, he will have to change his password on the account in question and make a report to FranceConnect (the link of the page on which to make the report is provided in the login email received from FranceConnect).