Now that the health crisis is behind us, most employees have returned to their offices. The period allowed many companies (at least those not already doing so) to develop teleworking, and several have decided to grant their employees teleworking time.
But if your employees work remotely, should you fear an increase in cyber attacks?
According to Cybersel, cyber attacks have increased by 20 to 25% since the start of the COVID-19 pandemic (in March).
In this article we focus more specifically on phishing.
WHAT IS PHISHING?
The technique relies on impersonation: the attack most often combines a counterfeit website with an email that imitates a legitimate sender (a bank, an online shop, a government agency, etc.).
The fraudster generally approaches the target with an email carrying an alarmist subject: “Your account will expire”, “You have just made a purchase”, etc. These emails appear to come from a source the target considers reliable and trustworthy (bank, tax office, administration, telephone operator, etc.) and invite the recipient either to download an attachment, often presented as an invoice, or to click a link leading to the counterfeit site.
HOW TO PROTECT YOURSELF FROM PHISHING?
We interviewed our IT security manager to enlighten us on the subject and provide us with his expertise.
– What are the different forms of phishing to which a company can be a victim?
There are many types of attacks, which evolve over time and with the technologies available, and which can be more or less developed depending on the target and the issue.
Indeed, there are targeted attacks, with specific means put in place to trap the victim(s), and “mass” attacks, which aim for a low percentage of success by attacking a very large number of victims.
Phishing is a special type of attack that attempts to retrieve information about your business, about you, or any sensitive information. Obviously hackers try to steal money as a priority, but not only that: it can also be an account that has access to confidential documents, logins for social networks, etc.
Here is a non-exhaustive list of the different phishing attacks that you might encounter:
Counterfeiting of a website
It is not uncommon to get phished because of a fake website. These primarily affect banking establishments and e-commerce sites. One of the most common practices is the so-called “typosquatted” domain, in which the name of a high-traffic site is misspelled.
Attention: the small green padlock shown in the browser, when you make a purchase for example, simply guarantees that the communication between your browser and the site is encrypted, and in no way that the site is “trusted”.
Just like websites, emails can be hijacked for the purpose of phishing users. It is not uncommon for the name of a company or an institution to be misused. These emails can take on an alarmist character. The subjects of these emails could for example be “Your account will expire soon” or “Please confirm your identity”.
A very recent example of an attack shows that anyone, ANYWHERE, can get hacked, but we have to take precautions to prevent this from happening!
Also note that fraudulent emails can come from a theoretical trusted source such as CAF, Health Insurance or the Tax Center.
For companies, this can be an ISP such as Orange or Free, a domain name provider such as OVH, or any other organization linked to a company service, which can easily be retrieved.
In the same vein, “spear phishing” targets a particular person or company, with the aim, of course, of making them click on a link contained in the email received and then stealing data. We are therefore in the context of a targeted attack.
The key functions of companies are targeted, thanks to LinkedIn and Viadeo for example: CFOs, RAFs, accountants, CEOs, CIOs, etc.
Other types of phishing
Other phishing attacks include the recovery of credentials. To achieve this, cybercriminals create fake ID portals or redirect traffic from one site to another. In other situations, fraudsters use profiles of relatives to gain the trust of their victims and steal sensitive information. This is called “smishing” if text messages are used or “wishing” when cybercriminals use the WhatsApp application.
In the event of phishing, act quickly! The first reflex to have is to contact your bank(s). You can also report the fraud on the PHAROS platform and file a pre-complaint online.
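The “typosquatted” domains mentioned in the interview can be screened for automatically. The following is an added example, not code from the original article: it compares the hostname of each link in an email against a constructed allowlist of legitimate domains (the `KNOWN_DOMAINS` list and the sample URLs are invented for illustration) and flags hosts that reuse a brand as a sub-domain, move it under another suffix, or sit one or two typos away from the real domain.

```python
from urllib.parse import urlsplit

# Added example (not the article's code). Constructed allowlist of real domains to protect.
KNOWN_DOMAINS = ["example-bank.com", "shop-example.fr", "mytaxes-example.gouv.fr"]


def levenshtein(a: str, b: str) -> int:
    """Edit distance: single-character insertions, deletions or substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url: str) -> str:
    """Lower-cased hostname of a URL, ignoring scheme, userinfo, port and path."""
    host = urlsplit(url if "://" in url else "http://" + url).hostname or ""
    return host.lower().rstrip(".")


def lookalike_of(url: str, known=KNOWN_DOMAINS, max_distance: int = 2):
    """Return the legitimate domain a URL's host imitates, or None if it does not.

    The real domain and its own sub-domains are never flagged. A host is flagged when
    (a) a known domain is used as a sub-domain of some other site,
    (b) the brand label reappears under another suffix or inside a longer label, or
    (c) the host's trailing labels are one or two typos away from a known domain.
    """
    host = host_of(url)
    if any(host == legit or host.endswith("." + legit) for legit in known):
        return None
    for legit in known:
        brand = legit.split(".")[0]
        tail = ".".join(host.split(".")[-(legit.count(".") + 1):])
        if host.startswith(legit + "."):                  # (a)
            return legit
        if brand in tail.split(".")[0]:                   # (b) short brand names over-match
            return legit
        if 0 < levenshtein(tail, legit) <= max_distance:  # (c)
            return legit
    return None


if __name__ == "__main__":
    # Constructed sample links as they might appear in a phishing e-mail.
    for link in ["http://secure.examp1e-bank.com/verify", "https://shop-example.co/",
                 "https://example-bank.com.evil.test/", "https://www.example-bank.com/"]:
        print(f"{link:40} -> {lookalike_of(link)}")
```

The check is only as good as the allowlist: a short brand label will over-match in rule (b), so tune the list and `max_distance` to your own domains before using it in a mail filter.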