Fraudsters are looking to get our clients’ Criteo credentials or to steal money from anyone by impersonating us. Be aware of the dangers and protect yourself.
Ongoing Phishing/Fraud campaigns
Phishing and fraud attempts impersonating Criteo could target anyone. To protect yourself, we have provided examples of recent malicious attempts below. If you have doubts about the authenticity of a communication from Criteo, please refer to this list.
JANUARY, 2023
Criteo Advertise Investment Marketing
Scammers are trying to steal money by using a fake company labeled “Criteo Advertx Trading”. WhatsApp is one of the channels they use to contact you.
They propose different investment formulas. To invest, money has to first be deposited in a bank account. A refund with a big bonus percentage is promised.
Reminder: Criteo will never ask you to deposit money in order to earn a commission. This is not what our business is about.
AUGUST, 2022
Financial fraud attempts
Fake domain names that look very similar to ours are used by fraudsters in an attempt to impersonate us.
They target our customers and try to convince them to modify their Criteo account payment settings to point to their own bank account.
Customers receive an email from an apparently real employee of Criteo whose email address looks legitimate but actually isn’t (xxx@criiteo.com instead of xxx@criteo.com for example). That (fake) person may ask for a payment/email modification or access to sensitive information.
The differences between fake domain names and ours are sometimes subtle. Our advice is to pay extra attention to domain names and links inside all emails.
MAY, 2022
Fake login pages
Fraudsters have registered several domain names to impersonate Criteo. They used these domains to host fake login pages with a design similar to ours and sometimes with the exact same content. The fraudsters will then proceed to steal the credentials from unsuspecting customers trying to connect to their Criteo accounts.
The only official URLs to sign-in to your account are : account.criteo.com and login.criteo.com
Fraudulent domains that resemble our official Criteo domain were registered and have been used in a fake recruiting campaign.
The fraudsters are misleading victims into believing they will earn money through commissions obtained as a Criteo agent.
The fraudsters request that several deposits be made along the way to “activate a data creation process” and complete the operation. This is a scam, Criteo will never ask you to deposit money in order to earn a commission.
Report a phishing attempt
To report a phishing (email, WhatsApp, SMS…) attempt, please send the example to security@criteo.com. You can do so by forwarding us the example as an attachment, or by dragging and dropping it in the mailbox window.
Why report a phishing attempt?
You’re helping us fight scams targeting Criteo customers
You’re helping yourself by reducing the number of similar messages you may receive in the future
What happens after your submission?
Our security team will analyze your report
If relevant, we will take measures to stop the phishing campaign (takedown notices, blocking the spammers)
