Fraudsters are looking to get our clients’ Criteo credentials or to steal money from anyone by impersonating us. Be aware of the dangers and protect yourself.
Ongoing Phishing/Fraud campaigns
Phishing and fraud attempts impersonating Criteo could target anyone. To protect yourself, we have provided examples of recent malicious attempts below. If you have doubts about the authenticity of a communication from Criteo, please refer to this list.
Fake recruitment campaign
Hackers are impersonating us on a fake recruitment campaign. They’re asking for personal details but there’s no actual job offering.
Reminder: Criteo is not communicating on Telegram, Signal, or any other dedicated messaging platform. Any accounts claiming to be us on those channels are fake. We are only present on Facebook, Instagram, YouTube, X and LinkedIn. If you want to work for us, please visit our official career page.
Scammers are impersonating Criteo, proposing micro jobs/tasks
Scammers are impersonating us, trying to trick people into performing certain tasks (such as website rating, etc.) in exchange for payment. They’re using social media platforms like Telegram and TikTok.
They usually ask for a crypto wallet (Binance, Moonpay, …) or the related passwords to obtain a “salary”.
Reminder: Criteo doesn’t operate in that manner and will never ask you to complete tasks in order to receive money. Do not agree to open a crypto wallet if you’re asked, and never share your passwords with anyone. Please report the scam through your messaging application.
Criteo Advertise Investment Marketing
Scammers are trying to steal money by using a fake company labeled “Criteo Advertx Trading”. WhatsApp is one of the channels they use to contact you.
They propose different investment formulas. To invest, money has to first be deposited in a bank account. A refund with a big bonus percentage is promised.
Reminder: Criteo will never ask you to deposit money in order to earn a commission. This is not what our business is about.
Financial fraud attempts
Fake domain names that look very similar to ours are used by fraudsters in an attempt to impersonate us.
They target our customers and try to convince them to modify their Criteo account payment settings to point to their own bank account.
Customers receive an email from an apparently real employee of Criteo whose email address looks legitimate but actually isn’t (firstname.lastname@example.org instead of email@example.com for example). That (fake) person may ask for a payment/email modification or access to sensitive information.
The differences between fake domain names and ours are sometimes subtle. Our advice is to pay extra attention to domain names and links inside all emails.
Fake login pages
Fraudsters have registered several domain names to impersonate Criteo. They used these domains to host fake login pages with a design similar to ours and sometimes with the exact same content. The fraudsters will then proceed to steal the credentials from unsuspecting customers trying to connect to their Criteo accounts.
The only official URLs to sign-in to your account are : account.criteo.com and login.criteo.com
Fraudulent domains that resemble our official Criteo domain were registered and have been used in a fake recruiting campaign.
The fraudsters are misleading victims into believing they will earn money through commissions obtained as a Criteo agent.
The fraudsters request that several deposits be made along the way to “activate a data creation process” and complete the operation. This is a scam, Criteo will never ask you to deposit money in order to earn a commission.
Report a phishing attempt
To report a phishing (email, WhatsApp, SMS…) attempt, please send the example to firstname.lastname@example.org. You can do so by forwarding us the example as an attachment, or by dragging and dropping it in the mailbox window.
Why report a phishing attempt?
You’re helping us fight scams targeting Criteo customers
You’re helping yourself by reducing the number of similar messages you may receive in the future
What happens after your submission?
Our security team will analyze your report
If relevant, we will take measures to stop the phishing campaign (takedown notices, blocking the spammers)