Bank Phishing in France: How to Spot and Avoid Fake SMS from Your Bank

Bank phishing is exploding in France with a 70% annual increase. All major French banks — BNP Paribas, Societe Generale, Credit Agricole, LCL, Banque Populaire, Caisse d'Epargne — are targeted by increasingly sophisticated campaigns. Scammers send SMS messages with spoofed sender IDs that display your bank's name.

The BNP Paribas "Cle Digitale" Campaign

One of the most widespread campaigns targets BNP Paribas customers. Victims receive an SMS appearing to be from BNP, informing them that their "Cle Digitale" has been deactivated and they need to click a link to reactivate it. The link leads to a perfectly replicated fake site.

How to Spot a Bank Phishing SMS

Clue	Explanation
Link in an SMS	Your bank will never send you a link via SMS
Artificial urgency	"Your account will be blocked in 24h"
Spoofed sender	The displayed name can be faked through spoofing technology
Spelling errors	Often present but not always
Request for credentials	Your bank never asks for codes via SMS

Best Practices

Never Click a Link in a Bank SMS

This is rule number one. Always open your bank's official app or type the website address directly in your browser.

Enable Transaction Notifications

Set up your banking app to send an alert for every transaction. This way, you will immediately detect any unauthorized operation.

Use Strong Authentication

Prefer an authenticator app over SMS for two-factor authentication. SMS can be intercepted through SIM swap attacks.

Share Banking Links Securely

When you need to share bank details or a banking link with someone, use LOCK.PUB to create a password-protected link with an expiration date. Whether sharing via iMessage, Messenger, or email, an unprotected link can be intercepted or forwarded without your consent.

How to Report Phishing

1. Forward the SMS to 33700 (French fraudulent SMS reporting platform)
2. Report on Pharos — Official platform for reporting illegal content
3. Use Signal Spam — For reporting phishing emails
4. Visit Cybermalveillance.gouv.fr — For help and guidance

Most Targeted Banks in France

• BNP Paribas — "Cle Digitale" campaign and fake security alerts
• Societe Generale — Fake transfer confirmation emails
• Credit Agricole — SMS spoofing the customer service number
• LCL — Fake sites mimicking the login interface
• Banque Populaire — Phishing via emails with official logos
• Caisse d'Epargne — Fake security update SMS

The "Smishing" Trend in 2025

SMS phishing ("smishing") is now the most common form of phishing in France. The reasons are clear:

• SMS messages have a 98% open rate (vs. 20% for emails)
• Sender ID can be spoofed easily
• Smartphones display less security information than desktop browsers
• Users are more likely to click impulsively on mobile

Protect Your Family

Share this article with family, especially elderly relatives. Create a secure memo on LOCK.PUB with your bank's official numbers and security guidelines, then share it with a password only family members know.

Bottom Line

Bank phishing is up 70% in France. Never click a link in a bank SMS, always use your bank's official app, and report every phishing attempt to 33700, Pharos, and Cybermalveillance.gouv.fr. To share banking information securely, use tools like LOCK.PUB that add password protection and expiration.