Fifty-one percent.
This is the proportion of people, out of a sample of French people over the age of 18, who have already been confronted with an attempted bank data scam, according to a survey published last fall by the French Banking Federation.
Among them, 7% fell into the trap and were relieved of several hundreds, even thousands, of euros.
In 2022 alone, the national platform Cybermalveillance.gouv.fr received 280,000 requests for assistance, 90% of which came from individuals.
Lack of vigilance, poor mastery of digital tools, ignorance of threats, etc.
: crooks know how to exploit the slightest loophole to extract passwords, personal data and, ultimately, money from their victims.
The old techniques based on sending an e-mail announcing a big lottery win or a reimbursement from Medicare are in decline, but still continue to be used.
Above all, new tricks are constantly appearing.
Faced with this constantly renewed arsenal, Internet users can feel powerless.
In reality, protecting yourself from Internet threats and considerably reducing the risk of being tricked is within everyone's reach.
We have listed the most common scams and the solutions to avoid them.
Phishing, or phishing
The method
An email invites you to renew your Vitale card, informs you of an overpayment, alerts you to a problem with your bank account, etc.
It takes the form of a message from a known administration or company and asks you to click on a link to be directed to the site concerned.
This one seems authentic in every way, so you feel confident.
You identify yourself by providing the personal or bank details requested.
In fact, the site is a fake and you have just entrusted sensitive elements to a scammer.
"
It's the number one threat,"
notes Jean-Jacques Latour.
It goes less and less through emails, three-quarters of phishing attempts are now sent by SMS.
The novelty, since 2022, consists in contacting a person by telephone in the days following a phishing attack by pretending to be a bank advisor.
On the pretext of having spotted suspicious transactions on his accounts, the fake banker offers the victim to solve the problem with her.
He then took the opportunity to rob his accounts and had him validate transfers by SMS
.
"
The damage can amount to tens of thousands of euros
,” laments the cybersecurity expert.
Detect the scam
Any unsolicited SMS or email should be treated as suspicious.
This simple rule is enough to protect you.
You will avoid phishing by keeping in mind that no administration or company – let alone one of which you are not a customer – will contact you to ask you for your bank details or your passwords.
Check the sender's address, it is often fanciful.
An e-mail subject that is too enticing or, on the contrary, alarmist should also alert you.
Likewise for a message that is not personalized and could be addressed to anyone.
Distrust also as soon as you are asked to click on a link or open an attachment.
The solutions
Contact the organization concerned to confirm the authenticity of the message received.
If you have communicated your bank details, immediately object to your bank and file a complaint.
Immediately change all passwords to access the services involved.
If you use these same passwords for several other sites, change them too.
Read also“It’s a circle of complicity”: in the footsteps of fake bankers who siphon off the accounts of thousands of French people
To know
80% of searches for assistance on the Cybermalveillance.gouv.fr platform in 2021 relate to the 10 main forms of phishing.
fake tech support
The method
You are surfing the web when the screen suddenly displays an alert message indicating that your computer has a serious technical problem.
You are invited to contact Microsoft (or Apple, Google, etc.) technical support by telephone.
Your interlocutor confirms the bad diagnosis, asks you to install a program allowing him to take control of your machine remotely so that he can correct the problems.
In fact, your PC has never had the slightest problem.
But it's too late, the fake technical support has pretended to work on your computer and presents you with an invoice for several hundred euros.
Worse, some crooks will take advantage of the operation to steal your passwords and connect to your bank accounts.
Detect the scam
Do not panic in the face of a disturbing message that appears while you are browsing pages.
Microsoft or Apple will never ask you to reach them by phone.
If your computer seems to be frozen, disconnect the internet connection and restart it to resolve the alleged problem.
The solutions
It's too late, have you already called the "
technician
"?
Keep the evidence (photograph your screen, write down the phone number mentioned in the message, etc.), uninstall any new application, including the one that technical support used to intervene on your computer.
Run a virus scan and change your passwords.
At the same time, object to your bank, file a complaint and report the facts on the Pharos platform of the Ministry of the Interior.
Cutting-edge pirates
They are constantly reinventing their methods and approach techniques.
“Cybercriminals always tend to surf the news
,” comments Jean-Jacques Latour, director of cybersecurity expertise at the Cybermalveillance.gouv.fr platform.
From Crit'Air thumbnails to personal training accounts, they seize on up-to-date subjects to approach their victims.
Read alsoCybercrime: the edifying radioscopy of scammers who roam the web
Ransomware or ransomware
The method
After clicking on a link or opening an attachment in an email, your PC freezes or prohibits access to your personal files by encrypting them.
Only one solution: obtain the decryption key by paying a ransom to the hacker.
Detect the scam
It's an attack type that's impossible to spot before it does its damage.
You will stay away from it by regularly applying updates to your operating system and your antivirus, as well as by prohibiting yourself from clicking on attachments and links present in e-mails.
The solutions
Disconnect your computer from the internet and do not pay the ransom, you would have no certainty of recovering access to your data.
File a complaint and then turn to services like nomoreransom.org to try to find a solution to decrypt the infected files.
Read alsoCyberransoms: should SMEs be compensated?
6 TIPS TO AVOID GETTING TRAPPED |
Choose complex passwords that mix upper and lower case letters, numbers, as well as special characters, for each of your online services. Change it regularly. |
Update your operating system and software regularly to fix security vulnerabilities. |
Install a security suite on your computers, tablets and smartphones to scan and protect your devices. |
Disseminate your personal information as little as possible on social networks and other platforms. |
Make regular backups of your personal data on an external medium (hard drive, USB key, etc.) that you disconnect each time. |
Be suspicious, pirates take advantage of the gullibility and lack of attention of their prey. |
Email hacking
The method
A dishonest person can recover your e-mail password in different ways: it lacked complexity and was easy to recover with specialized software;
you have been the victim of a phishing attempt;
you use the same one on several sites, one of which has been hacked… Provided with access to your email, the hacker is then able to request the reset of the passwords you use for all your digital services.
Detect the scam
Several clues show that your email account has been hacked.
Emails are sent to your contacts asking them to help them out financially.
Your social network passwords suddenly change and prevent you from logging in.
You notice abnormal movements in the way your emails are organized or deleted in your mailbox.
The solutions
Try changing your password.
But if the operation proves impossible - because you no longer have access to your own account -, call your messaging service directly to report the attack against you and request that your password be reset.
You will take the opportunity to choose a very robust one that will only be used for your messaging.
Activate the double authentication which requires a confirmation by SMS on your mobile phone for any new connection to your account.
If your bank details were present on your email account, notify your bank and oppose the means of payment concerned.
TO REMEMBER
If you are asked by email for the data below, it could be a scam:
your bank details (access code to your accounts, cryptogram of your bank card, etc.)
your passwords
click on a link to recover a claim
to send money to a friend in distress in a foreign country or stranded at the airport
to pay money to law enforcement who have identified your frequentation of adult sites.
