Anti-phishing and anti-phishing filtering: what is phishing or spear-phishing?

What is phishing?

Definition of phishing

Phishing is a fraudulent message that uses social engineering to steal users’ login details, passwords or bank card numbers. We treat phishing as a form of spam. Spear-phishing is a variant in which a specific recipient or organisation is targeted, as opposed to a mass, generic phishing campaign.

What are the risks of phishing?

You receive an email purporting to come from your bank, an internet service provider, a website such as eBay or PayPal, EDF or even the CAF, asking you to update your bank details or login details. The email contains a link to a secure-looking page, identical to the one you have seen many times before. You are then asked to confirm your personal details (code or identifier, bank account number, password, etc.), supposedly lost as a result of an internal error… Too late: the attackers have your data. Once they hold your account IDs, passwords or card details, the criminals can simply use or sell them.

France is the second most targeted country in the world (one attack in ten on average). Tens of thousands of websites and URLs have been blocked in France. These days, a good anti-phishing solution is essential for any business.


How can you tell if you’ve been a victim of phishing?

Your e-mail anti-spam solution or anti-virus software may flag an e-mail as suspicious, for example because it contains fraudulent links or an inconsistent request for payment. To be on the safe side, do not click on the links in the message; instead, go directly to the organisation’s website and log in to your account there. That way you can be sure you are entering your details on the company’s own page.

If, after providing personal information (bank card number, online payment code, various identifiers, etc.), you realise that you have been the victim of a malicious message and that the attackers now hold your personal data, contact your bank to block your card and immediately change every password you disclosed.

Once your accounts are secured, the CNIL recommends filing a complaint with as much information as possible, including the phishing e-mail itself. In the event of fraudulent use, you may have to produce technical evidence in support of your complaint.

Advice: A bank will never ask you by e-mail for your card number or your login details. If you receive an email from your bank containing a link, ignore the link and use the bank’s home page instead, which you should keep in your favourites. It is worth keeping an up-to-date bookmark list of the trusted sites where you hold sensitive accounts. As a general rule, always check the destination URL of a link by hovering the mouse over it, and check the domain name of the sender of the email. Watch out for spelling and grammatical errors, and be wary of greetings such as “dear customer”, which professionals rarely use but phishing messages often do.

What recourse is there in the event of phishing?

If you have been the victim of a phishing scam, the CNIL recommends that you report it to the authorities. PHAROS (platform for harmonising, analysing, cross-checking and directing reports) was set up by the government and is run by the central office for combating crime linked to information and communication technologies (OCLCTIC) to centralise reports of scams, attempted scams and computer fraud on the internet. Involving your IT department or a specialist IT security service is also an essential protective measure: these services can handle reports from victims of fraud and provide advice and protective techniques for users.

How do you filter phishing?

SMEs are increasingly the target of attacks and need to put in place a number of cybersecurity safeguards. Securing employee mailboxes is one of the first safeguards to be put in place, along with firewalls and training.

On company e-mail accounts or when you have your own domain name, you can subscribe to a solution such as Altospam to block phishing, but also to protect you from viruses, ransomware and other scams.

Email fraud is increasingly accompanied by phone calls from the attackers, intended to gain the victim’s trust. Training and communication within organisations are necessary to raise employees’ level of attention to these attacks.

Example

Example of a phishing e-mail aimed at harvesting Crédit Mutuel credentials: a message imitating the Crédit Mutuel bank, inviting the recipient to enter their credentials via a link.


Altospam application

Altospam’s Mailsafe, with its identity-theft countermeasures (SPF, DKIM and DMARC checks, verification of the sending domain, etc.) and its analysis of unusual or suspicious elements in message bodies, filters out most phishing and spear-phishing attempts. We also provide special protection for banking and financial institutions, whose communications are monitored and validated particularly closely, as they present the greatest risk of harm.
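The two checks mentioned above, on the sender side (does the domain shown in From match what SPF and DKIM actually authenticated, which is what DMARC alignment tests) and on the body side (does each link go where its visible text claims, the mismatch you see when hovering over a link), can be scripted. The Python below is an added example written for this page; it is not Altospam’s code and does not describe how Mailsafe works internally. The e-mail it analyses is constructed for the example, the domains in it (mailer-cheap.example, secure-login.example) are made up, and the org_domain helper approximates the organisational domain with the last two labels where a real implementation would use the Public Suffix List.

```python
"""Two phishing checks on a raw e-mail: DMARC-style alignment of the From
domain with the SPF/DKIM-authenticated domains, and link text/href mismatches."""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample (not a real message): From imitates the bank, the receiving
# MTA's Authentication-Results show SPF and DKIM passing for an unrelated domain,
# and the link text shows the bank's URL while the href points at a lookalike host.
SAMPLE_EMAIL = b"""\
From: "Credit Mutuel" <service@creditmutuel.fr>
To: victim@example.org
Subject: Please update your details
Authentication-Results: mx.example.org;
 spf=pass smtp.mailfrom=bounce.mailer-cheap.example;
 dkim=pass header.d=mailer-cheap.example
Content-Type: text/html; charset=utf-8

<html><body>
<p>Dear customer, please confirm your details:</p>
<a href="http://creditmutuel.fr.secure-login.example/auth">https://www.creditmutuel.fr/</a>
</body></html>
"""


def org_domain(domain: str) -> str:
    """Organisational domain for DMARC relaxed alignment. Approximation: the last
    two labels. Real filters use the Public Suffix List, otherwise bank.co.uk
    would collapse to co.uk."""
    labels = domain.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def parse_auth_results(header: str) -> dict:
    """Pull SPF/DKIM results and the domains they authenticated out of an
    Authentication-Results header (RFC 8601). Returns {mech: (result, domain)}."""
    flat = re.sub(r"\s+", " ", header)  # header may be folded over several lines
    auth = {}
    m = re.search(r"spf=(\w+) smtp\.mailfrom=([\w.@-]+)", flat)
    if m:  # smtp.mailfrom may carry a local part; keep only the domain
        auth["spf"] = (m.group(1).lower(), m.group(2).rpartition("@")[2].lower())
    m = re.search(r"dkim=(\w+) header\.d=([\w.-]+)", flat)
    if m:
        auth["dkim"] = (m.group(1).lower(), m.group(2).lower())
    return auth


def dmarc_alignment(from_domain: str, auth: dict) -> list:
    """Mechanisms that passed AND whose domain is aligned (relaxed mode) with the
    visible From domain. An empty list means DMARC would fail for this message."""
    return [
        mech
        for mech, (result, domain) in sorted(auth.items())
        if result == "pass" and domain and org_domain(domain) == org_domain(from_domain)
    ]


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def suspicious_links(html: str, claimed_domain: str) -> list:
    """Flag links whose visible text names one host while the href goes to another,
    and hrefs that only embed the claimed domain as a label of some other domain
    (creditmutuel.fr.attacker.example)."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        href_host = (urlparse(href).hostname or "").lower()
        text_host = (urlparse(text).hostname or "").lower() if "://" in text else ""
        if text_host and org_domain(text_host) != org_domain(href_host):
            findings.append(f"text shows {text_host} but href goes to {href_host}")
        elif claimed_domain in href_host and org_domain(href_host) != org_domain(claimed_domain):
            findings.append(f"{href_host} embeds {claimed_domain} but belongs to {org_domain(href_host)}")
    return findings


def analyze(raw: bytes) -> dict:
    """Run both checks on a raw RFC 5322 message and return the findings."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_domain = parseaddr(str(msg["From"]))[1].rpartition("@")[2].lower()
    auth = parse_auth_results(str(msg.get("Authentication-Results", "")))
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body is not None else ""
    return {
        "from_domain": from_domain,
        "aligned": dmarc_alignment(from_domain, auth),
        "link_findings": suspicious_links(html, from_domain),
    }


if __name__ == "__main__":
    for key, value in analyze(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

On the sample message the alignment list comes back empty (both mechanisms pass, but for mailer-cheap.example rather than creditmutuel.fr) and one link is flagged because its text shows www.creditmutuel.fr while the href goes to creditmutuel.fr.secure-login.example. Note that a genuine bank mail relayed through an unaligned third-party sender would also fail the alignment check, which is exactly why the page stresses that banks’ communications have to be validated with particular care rather than filtered on one signal alone.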

Would you like to strengthen your email security?

Security starts in your inbox. Phishing and spear-phishing are the most common attacks. We offer a free 15-day analysis of your inbox.