New faces in phishing

Phishing is a way for malicious users to steal your personal information, such as your credit card number, via spam and use it illegally. Unlike conventional spam, the spam sent out by these unscrupulous users appears to come from well-known or even official sites.

The latest phishing scams came in the form of a billing file update for subscribers to Internet service provider Free, and a form purporting to be from the CAF (French social security office). With these new ways of copying or reproducing official documents, it’s becoming increasingly difficult for users to distinguish between authentic and spurious messages.

To limit phishing, there are a few rules to follow. First of all, don’t send us any personal information by e-mail (RIB, credit card, etc.). If you think that this message may indeed come from your bank or other serious organization, before sending the information via the Internet, you need to make sure that the organization in question actually carries out this type of e-mail campaign. To do this, simply contact them before sending the information. If you think the message is from one of the organizations to which you have subscribed, don’t use the link in the e-mail, but retype the site’s URL in your browser’s URL bar. This will enable you to highlight the real destination of your information. Before entering personal information into a form on the Internet, check that the site uses encryption and is secure, for example by displaying a padlock symbol in the status bar. You should also keep an eye on your bank and credit card statements, and if you have any doubts, inform your opposition service. Rigor, common sense and vigilance are the keys to avoiding the phishing trap.