With the advent of the Internet, social communication networks are experiencing significant growth. Who today has not already used online auction sites such as eBay or PayPal? Alongside this boom, social engineering has developed at the same pace, so much so that scammers are legion on the web. Today, we give you some recommendations to avoid falling into the traps of these modern fraudsters who are as numerous as they are well-organized.
What is phishing?
Phishing is a computer technique used by fraudsters to steal personal information from Internet users (full identity, login credentials to a website, credit card number, etc.) with the aim of committing identity theft. As its English name suggests, phishing is a kind of fishing for victims via communication networks.
What are the techniques?
One of the main characteristics of phishing is that the fraudster does not trap their victims individually but collectively. They simultaneously contact thousands or even millions of potential victims, attempting to impersonate their bank or Internet service provider, for example. The fraudster relies on this large number to find gullible or careless recipients.
In practice, the Internet user receives a message from their bank or another company informing them of a security issue requiring them to visit the concerned site and inviting them to click on a hyperlink. However, this link does not lead to the official site but to an imitation often identical to the original controlled by a malicious individual, so if the Internet user clicks on the link and enters information, it will be transmitted directly to the scammer.
Our recommendations
The best advice we can give you is to never click on hyperlinks contained in unsolicited messages asking the recipient to provide sensitive or confidential data, even if it seems to come from a known sender. In case of doubt, prefer to verify the authenticity of the request by phone with the concerned company or visit the company’s site by manually entering its address in your browser, to avoid the risk of clicking on a trapped link or leading to a trapped web page.
In case of proven identity theft:
- Immediately log in to the real site of the company whose identity has been stolen and change your password to prevent your account from being hijacked;
- Contact your banking institution to block your credit card;