“When I received this email, I thought it was a scam, but I almost missed out on financial assistance”

Between the cases reported in the press and the warnings regularly shared by the authorities and legitimate organizations (banks, streaming platforms, telephone operators and Internet service providers, etc.), the population is increasingly informed about the scams, whether by telephone, online or by SMS. And it’s an excellent thing! But by being ultra-vigilant, we can err on the side of caution and delete an official (and sometimes important) message.

Even when you think you know the difference between a scam and an official email, you can be wrong! This almost happened to Sophie, who received an e-mail about the energy check, as part of the complaints campaign for the beneficiaries who were forgotten. Our interlocutor explains to us: “I had already received a strange SMS about the energy check, so when I saw the email, I immediately thought it was a scam. The shipping address, “no-reply-cheque-energie@ asp-public-mail.fr”, seemed strange to me, so I almost deleted the message without going any further. In the end, I read it anyway: lThe links were indeed the correct ones and the email contained a warning about scams. In addition, while doing a search, I saw that the famous “asp” means “Service and payment agency”, an official body. I have actually completed the energy check request form and I am waiting to find out if I am entitled to it. Luckily I took the time to check the legitimacy of the message!”

To tell the difference between a scam message and a perfectly decent message, you need to pay attention to several things. First, does the sender’s email address look legitimate? This can be verified by comparing the format of that contained in messages (invoices, membership confirmation, etc.) already received from the organization which sent the email. Then, you have to look at the links it contains: are these the official URLs of the authority supposedly originating the message? To do this, you should never click on those present in the message and rather go find the address of the site yourself. Likewise, remember that no body will ask you for your password, your bank details or proof of identity by email, SMS or telephone. And in case of doubt, do not hesitate to contact the supposed sender using an email address or a number found on their site to ensure the legitimacy of the approach.

If Sophie’s story ends well, the opposite case can also happen: we receive a phishing message and fall into the trap. If this happens to you, know that the Ministry of the Interior and the site Cybermalveillance.gouv.fr have just launched the platform 17cyberthe equivalent of calling the police for victims of digital offenses (fraud, harassment, threats, insults, discrimination, etc.).