Nous respectons votre vie privée.
Nous utilisons des cookies pour améliorer votre expérience de navigation, diffuser des publicités ou des contenus personnalisés et analyser notre trafic. En naviguant notre site, vous consentez à notre utilisation des cookies. Politique de confidentialité

Accepter
Représentation de l'hameçonnage phishing

How does phishing work ?

A company you do business with writes to you asking for personal information and, just by reading their correspondence, you feel a sense of urgency? Be careful, it could be a phishing attempt!

Don’t panic: here’s how it works and how to react to phishing.

What is a phishing attack ?

A phishing attack is when a malicious person pretends to be a reputable company, such as a bank, Facebook or Netflix, to contact you and ask for your personal information (banking data, date of birth, account information, etc.). Whether it’s by email, text message or phone call, hackers are inventing increasingly sophisticated techniques to get you to act without thinking about reading their message.

What is the purpose of phishing ?

The goal of phishing is to target human nature’s ability to spontaneously trust in order to extract:

  • Credit card numbers or any other information related to your bank account ;
  • Social security number;
  • Date of birth;
  • Money;
  • Login and/or password;

Typically, phishing takes place through:

 

  • Emails;
  • Clickable links;
  • Phone calls;
  • Text messages;
  • Comments or private messages on social networks;
  • Websites that look like ones you already use;
  • Advertisements.

How do you recognize a phishing attempt ?

Stay vigilant

As already mentioned, it is becoming increasingly difficult to sort out the real from the fake. Whether it’s on your social media or in your emails, you need to stay vigilant. Nevertheless, there are some clues that can tip you off.

Pay attention to greetings

Pay attention to greetings : if they are vague (e.g., sir, ma’am, dear), this may indicate a phishing attempt. A reputable company would always use your first or last name !

Pay attention to the signature and the sender

Along the same lines, pay attention to the signature: if it looks like it’s coming from a fuzzy source, it may be a sign of phishing! You should be able to easily contact the person writing to you in particular to validate their request. If the sender is unknown to you… Chances are it’s because they shouldn’t be able to contact you! If the information or the person in charge is hard to find, there’s something fishy going on !

Pay attention to logos

Pay attention to logos, links, advertisements sent: often, phishing attempts will simply change a letter or element of what constitutes the brand image. If the email says Desjardin instead of Desjardins, it’s probably phishing!

Contact your representative

Often, reputable companies will not write to you for your personal information. Write to your representative or someone you trust before clicking on anything to make sure the requests made to you are from the right place.

Unsolicited message

Phishing messages are never solicited. If you haven’t asked for anything, it may not be true!

Strange structure and spelling

You notice spelling mistakes, the email looks oddly written, the website looks oddly constructed. No major company would let such errors go unnoticed!

Even if none of the above signs apply, a good phishing attempt can be sent from someone you know (impersonation). When in doubt, call the person to make sure of legitimacy.

How to react in case of phishing?

  • Stay calm!
  • Do not click on anything;
  • Contact the people you usually talk to at that company or contact their customer service department;
  • Change the passwords of accounts you believe have been hit;
  • Monitor transactions or activity on your accounts; 
  • Do not provide any privileged information, you risk losing money or having your identity stolen, among other things;
  • Get informed on the subject and the means you can develop to avoid a phishing situation by contacting an IT expert like DMIB!

In short, phishing works because hackers are becoming more and more creative in illegally appropriating the identities of trusted organizations and extracting personal information from you. This widespread fraud scheme requires you to maintain constant vigilance and a degree of doubt before clicking on a link or providing your card numbers.

Don’t be intimidated by a sense of urgency, a profit opportunity, a problem or a threat! There is no rush, your account will not be suddenly closed, you will not lose the chance to win an all-inclusive trip. Act calmly and above all, contact the company to discuss the situation. It is important not to click on anything until you are 100% sure of its origin and reliability. By clicking on files, links or advertisements sent by a cybercriminal, you are giving them the access they need to infiltrate your computer with their software or to steal your data. By developing your critical thinking skills, you can greatly reduce the risk of phishing!

DMIB is here to help you recognize and avoid this strong fraudulent trend, one step at a time. Contact our specialists !

Leave a Reply

Your email address will not be published. Required fields are marked *