Understanding and protecting against phishing

Etymologically, the word phishing comes from the contraction of the English words password and fishing, and literally means “fishing for passwords”. Phishing is therefore a malicious hunt for Internet users’ personal data by hackers or ill-intentioned individuals.

This article looks at the phenomenon of phishing, offering tips on how to protect yourself against it, before describing the consequences when it occurs.

What is phishing?

Phishing is a fraudulent technique designed to trick Internet users into disclosing personal or banking data by pretending to be a trusted third party. The ultimate goal is to gain unrestricted access to the victim's information system and to obtain protected resources.

Phishing involves sending bogus e-mails and mail with the aim of stealing the user's login and password through a reply e-mail or a web form, usually hosted on a hacked site.

Although phishing attempts keep getting more convincing, it is still possible to recognize them with a little vigilance. Fraudulent e-mails often show warning signs such as a tempting offer, a suspicious appearance, an unexpected attachment or a fictitious delivery address… You must learn to detect and recognize these signs.

To protect yourself from phishing, it is advisable to:

  1. Never communicate personal or banking data to third parties by e-mail or telephone;
  2. Always check the address of the site you wish to access in your browser to see if it corresponds exactly;
  3. Never access sensitive sites via navigation links, or else check the authenticity of these links beforehand;
  4. Always use complex, separate passwords to access each different site, so that the theft of one doesn’t compromise all your personal accounts;
  5. Check the times and dates of the last connections to identify any illegitimate accesses.
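
Items 2 and 3 can be applied mechanically to a link before it is opened. The following Python code is an added example, not part of the original article; the allowlist, the function name `classify_link`, the HTTPS requirement and the sample host names (reserved `.example` and `.test` names) are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): the exact hosts the user means to visit.
TRUSTED_HOSTS = {"bank.example", "www.bank.example"}

def classify_link(url, trusted=TRUSTED_HOSTS):
    """Return (verdict, reason) for a link taken from an e-mail."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is lower-cased
    except ValueError:
        return "reject", "malformed URL"
    if parts.scheme != "https":  # added assumption: sensitive sites use HTTPS
        return "reject", "not HTTPS"
    if not host:
        return "reject", "no host"
    if parts.username is not None:
        return "reject", "text before @ hides the real host"
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "reject", "internationalized host, possible look-alike letters"
    if host in trusted:
        return "accept", "exact match"
    if any(t in host for t in trusted):
        return "reject", "trusted name embedded in a different host"
    return "reject", "unknown host"

# Constructed sample links, not taken from any real campaign.
SAMPLES = [
    "https://www.bank.example/login",        # the real site
    "https://bank.example@evil.test/login",  # real host is evil.test
    "https://bank.example.evil.test/login",  # trusted name used as a subdomain
    "https://b\u0430nk.example/login",       # Cyrillic 'a' in place of Latin 'a'
    "http://bank.example/login",             # right host, no TLS
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link.encode("ascii", "backslashreplace").decode(), "->",
              *classify_link(link))
```

Only the first sample is accepted: every other link contains the trusted name somewhere, which is why the comparison has to be on the parsed host and has to be exact.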

Consequences of phishing

The consequences of phishing are manifold. The most obvious are the potential financial losses. While these are a real problem, they are not the only consequences of phishing attacks. Others include the cost of business downtime, loss of sensitive data, reputational damage, customer attrition… all of which are damaging.

In addition to all this, phishing attacks cause other significant damage. After all, most of these attacks are not isolated, one-off acts aimed at defrauding bank accounts.

Phishing attacks are also carried out by criminal organizations as a precursor to larger-scale phishing attacks, the consequences of which are often irreversible.

In addition, companies that fall victim to phishing are highly exposed to legal action. This is because customers hold them responsible for the disclosure of their personal data and demand redress.

Last but not least, no company is isolated any longer. They are connected to customers, end-users, suppliers and other stakeholders. A phishing attack doesn’t just have financial consequences, it also makes you patient zero in a veritable cyber epidemic.
