In the most common version of the scam, a Facebook post promises that Auchan will send a €50 coupon to anyone who “shares” the post on the social media network.
The post usually includes a plausible image of the “coupon”, including the Auchan logo, a barcode, an offer expiry date, and “terms and conditions” of use.
It then has a link to a website that appears to have “Auchan.fr” in the URL address, but is in fact a longer URL that takes you to a scam site (auchan.fr-anniversaire.com or auchan.fr-anniversaire-voucher.com, depending on the version of the post).
(Facebook / lemonde.fr / Screenshot)
The website then appears to say that it is Auchan’s “birthday”, and asks the user a series of innocuous questions via survey such as “have you bought something at Auchan before?”. The user then has to click on two links to “receive their coupon”.
This grants the website access to the user’s Facebook profile, and asks them to enter their personal details. This is how the scammers access your information, as well as any personal data that is on your Facebook page.
There is no direct request for card or bank account details, but the information could be passed to scammers, who may try to contact you or steal your identity later.
But the post, the coupon, and the website are all fake.
The supermarket group itself has warned against the scam, and indicated that the vouchers have nothing to do with Auchan, and that people should not click the links, share the posts, or take part in any online survey or website offer.
Attention ! Des faux coupons de réduction de 50€, au nom d'Auchan, circulent actuellement sur Facebook pour voler vos données personnelles. Ces démarches frauduleuses ne sont pas liées à Auchan. Ne partagez pas et ne remplissez pas ces formulaires ! Merci de votre vigilance.— AUCHAN (@AUCHAN_France) November 15, 2019
Some people have also reported a similar post and link being shared for the low-cost supermarket Lidl.
This is not the first time a major supermarket group has been apparently involved in a scam in France. In 2018 and early 2019, supermarket giants E.Leclerc and Carrefour were victims of a similar “phishing” scam.
If in doubt, remain alert to any social media posts that appear to offer a voucher or money off for a simple “share”, “like”, or “click”, and do not enter any personal details unless you are 100% certain that a website is genuine. Either type in the URL yourself, or double check the address is real.
If you believe a site or a scheme to be fake, you can alert authorities at the “non-phishing” initiative website, phishing-initiative.fr. “Phishing” is sometimes called “hameçonnage” in French.
The French government also has advice to help people avoid scams (here, in French) with warnings including “never communicate sensitive data over the phone”, “double check a website address by hovering your mouse over it before clicking”, “check the website URL”, and “keep a regular eye on your bank account to check for fraudulent transactions”.
Sign up to our free weekly e-newsletter
Subscribe to access all our online articles and receive our printed monthly newspaper The Connexion at your home. News analysis, features and practical help for English-speakers in France