Phishing emails

PHISHING EMAILS: PREVENTIVE MEASURES

 

Are you encouraged to communicate important information?

  Don't fall into the trap.  

Phishing is a fraudulent technique designed to trick Internet users into providing personal data (access accounts, passwords, etc.) and/or by pretending to be a trusted third party. It can be a fake message, SMS or phone call from a bank, social network, telephone operator, energy supplier, website e-commerce, administrations, etc... These attack techniques are constantly evolving. The following tips will help you determine whether a message is legitimate or not. 

  WHAT IS GOING ON?  

1- You receive a booby-trapped email 

The suspicious email prompts you to:

- click on an attachment or a booby-trapped link.

- Communicate information Personal.

Impact of the attack: Privacy,  Authenticity

2. The attacker pretends to be a trusted person or third party

The attacker is able to:

- Take control of your system.

- Use your information.

Main motivations: Damage to image,  Lure of profit, Claim,  Espionage,  Nuisance, Sabotage.

  HOW TO REACT?  

You are a victim - Don't waste a moment! 

1 - Immediately renew the credentials of compromised accounts.

2 - Contact your IT department or an expert (or find yours at).

ITServe Alliance

CompTIA

3 - Report the incident on:

This links are relevant to reporting online harassment, abuse, or illegal activity in the USA.

ReportFraud.ftc.gov

Consumer Sentinel Network

Cyberbullying.org

Internet Watch Foundation (IWF)

4 - File a complaint with the competent services.

Consumer Financial Protection Bureau (CFPB): OnlineComplaint Form

Department of Justice (DOJ): Civil Rights Division

Federal CommunicationsCommission (FCC): Consumer Complaint Center

Equal Employment Opportunity Commission (EEOC): OnlineCharge of Discrimination

5 - More advice with INFO SCAMS (toll-free number)

The Federal Trade Commission (FTC) is a reliable source for information and assistance regarding scams in the USA. They offer a toll-free number for consumers to report scams and get advice: 

1-877-FTC-HELP (1-877-382-4357)

You can also file a complaint online through their website.

  HOW TO PROTECT YOURSELF?  

Don't fall into the trap 

- Never click on a link or attachment that seems suspicious.

- Never reply to a suspicious email. If in doubt, contact the sender through another channel.

- Avoid the snowball effect! Have a unique password for each application.

(The snowball in cybersecurity refers to an incident where a small security breach or vulnerability can turn into a much larger, more damaging incident It rolls down like a snowflake, becoming larger and more damaging as it gains momentum .)

- Check your email account's security settings.

- Enable two-factor authentication:

Here’s a simple guide to compromising two things:

1- Access Settings: Find your account settings or preferences section.

2- Know Security: Look for options related to security, privacy, or accounting policies.

3- Look for two-factor trust: Look for "two-factor trust" or a similar term.

4- Enable Feature: Toggle the switch to "On" or select the option to enable two-factor authentication.

5- Select a method: Select the preferred method, such as security code app, SMS, or hardware token.

6- Verify your identity: Follow the instructions provided to verify your identity, usually using a code sent in the method you have chosen.

Note: The exact steps may vary slightly depending on the platform or service you are using. If you have any problems, refer to the specific support documentation or contact Customer Support.