Phishing: what is it?


Phishing, the malicious practice of impersonating a reputable site, is a form of identity theft. The aim of the game? To lure you to a plagiarized site by means of an unsolicited e-mail that reuses the look of the counterfeited site and invites you to visit a fake site in order to update certain personal information, and ultimately to defraud you. So be careful! The Futura editorial team tells you more about this growing practice and offers some tips for spotting a questionable email.

What is a phishing attempt?

  • If you do not pay the postage within 24 hours your package will not be delivered.
  • You will receive a tax refund, click here to access the form.
  • Your bank’s regulations have changed, please submit your membership request by clicking on this link.

Here are some examples of emails that you will certainly receive in your mailbox and which are typical of the messages to be wary of. By clicking on the links (which we strongly advise against!), you will land on a site that reproduces all the conventions and graphic elements of trusted portals. This bogus site usually includes an equally bogus questionnaire or form that, according to the message, you must fill out.

On this plagiarized site, Internet users are encouraged to enter their telephone number, their Social Security number, their bank details and sometimes even their credit card codes. All of this information is sensitive for you and lucrative for online crooks, who can then achieve their goal: to take your money or use your very personal information to harm you.

The challenges posed by cybercrime have multiplied in recent years, hence the need for some companies to be supported by experts. Many training courses for these new jobs are being developed, and it is quite possible to follow a cybersecurity consultant course in order to audit and guide sensitive companies in their protection process.

Phishing in a few numbers

In practice, mirror sites resembling official portals are created, then Internet users are solicited en masse and entirely at random with spam-type e-mails that use the graphic design of the hijacked website.

This deception continues to grow as evidenced by these few figures:

  • Google looked into the number of existing phishing systems and recorded an increase of 27% in one year in January 2021, as reported by the London company Tessian.
  • Phishing remains a major threat for many companies, which are becoming prime targets. Many disguised e-mails aim to deceive users in order to steal money, but many hackers are also motivated by espionage or the theft of intellectual property. 57% of phishing attacks against companies have been successful, according to Vaadata, a firm specializing in security audits.

Unfortunately, many attacks succeed because of human error. To remedy this, certain good practices should be adopted in order to minimize the risks of phishing.

How to recognize a phishing email?

Since phishing is the most popular and frequent cyberattack, it is essential to know how to protect yourself against it and to identify fraudulent emails easily.

  • First of all, use an anti-spam filter on your mailbox in order to reduce the number of risky messages you receive, or to have them marked as "spam" if they do reach your inbox.
  • Informing users, or in-house training in companies, also helps reduce the risk of human error in the face of these deceptive emails.
  • Do not share your sensitive information. As the platforms of administrations and banks point out, for example, official establishments will never ask you for your bank details by e-mail!
  • Before clicking on a link, check its URL. You will see that this web address redirects to a site with a more complex internet address.
  • Look at the sender's email address. Very often, the first clues appear in the address that sent you the message. A doubled vowel or a name that differs from the usual one should alert you. This is what is called brand spoofing (trademark usurpation).
  • If in doubt, contact the company concerned by another means: the official website or a telephone number. It will be able to tell you whether the e-mail really comes from its services or whether it is not the source of this contact.
  • Enable two-factor authentication, choose secure passwords or change them regularly. These actions can protect you from a cyberattack.
  • Finally, if you have clicked and provided information related to your bank accounts, contact your bank without delay in order to block your card and prevent direct debits.
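
The link and sender checks from the list above can be partly automated. The following Python code is an added example, not part of the original article; the trusted-domain list, the function names and the 0.85 similarity threshold are assumptions chosen for illustration.

```python
import re
from difflib import SequenceMatcher
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"examplebank.test", "parcel-post.test"}  # assumption: constructed domains

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def same_site(a, b):  # equal, or one host is a subdomain of the other
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def lookalike_of(domain, trusted=TRUSTED):
    """Return the trusted domain that `domain` imitates, or None."""
    if any(same_site(domain, good) for good in trusted):
        return None
    squeeze = lambda s: re.sub(r"(.)\1+", r"\1", s)  # "baank" -> "bank"
    return next((g for g in trusted if squeeze(domain) == squeeze(g)
                 or SequenceMatcher(None, domain, g).ratio() >= 0.85), None)

def review_email(sender, html_body, trusted=TRUSTED):
    """Return a list of warnings for one message (empty list: nothing found)."""
    warnings = []
    sender_domain = parseaddr(sender)[1].rsplit("@", 1)[-1].lower()
    if good := lookalike_of(sender_domain, trusted):
        warnings.append(f"sender domain {sender_domain} imitates {good}")
    parser = LinkCollector()
    parser.feed(html_body)
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        shown = re.search(r"([a-z0-9-]+\.)+[a-z]{2,}", text.lower())
        if shown and host and not same_site(shown.group(0), host):
            warnings.append(f"link shows {shown.group(0)} but opens {host}")
        elif good := lookalike_of(host, trusted):
            warnings.append(f"link host {host} imitates {good}")
    return warnings
```

A message with no warnings is not proven safe; the checks only catch the doubled-letter and mismatched-link clues described above.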

While the complexity of online attacks is steadily progressing, these few tips should alert you and help you deal with questionable messages.
