Wave of cybercrimes against BlaBlaCar users

Blablacar, the app designed to arrange carpools between different travellers heading to the same destination, is facing a significant increase in cyberscams, warns the National Police. In this new form of fraud, the cybercriminals get hold of their victims' bank details and debit their accounts by purchasing cryptocurrencies.

The scam (which is being investigated investigated by cybercrime experts) begins in the Blablacar app. Using a false profile, the hacker will contact their victim.

After a first conversation, in which they express their intention to share the designated journey, the criminal suggests that they continue to make arrangements through Whatsapp, under the pretence of bypassing the commission taken by the app.

Here's the trick. Having gained the victim's trust through methods termed as “social engineering”, the scammer sends their victim a link which supposedly takes them to the Blablacar website, for both parties to input their bank details. This fraudulent page is practically identical to the real one, but by inputting their bank details the victim is actually giving them to the cybercriminal.

The criminal then uses these details to make international purchases, often in cryptocurrencies, charges which are very difficult to recover.