June 25, 2024

Phishing attempts are now more sophisticated and rampant, both at work and home. They now creatively exploit not just emails, but also SMS and social media platforms. As a digital society leader, we are dedicated to thwart these threats by educating the public on phishing and recommending preventive measures.

Defining Phishing

Phishing is a malicious tactic hackers use to gather your private data without your consent. They typically create a sense of urgency, threat, or abnormal situation to fool you into divulging private details such as identity, professional info, passwords, etc., by impersonating entities you trust.

Grand Picture of Phishing

74% of data breaches are caused by human errors according to the Verizon Data Breach Investigation Report. Phishing attacks rose by 47.2% in just one year, as found by Zscaler ThreatLabz. VadeSecure detected over 562.4 million phishing emails in Q1 of 2023 alone.

Threats in Evolution

The genesis of phishing involved sending fraudulent emails. The recipient would unknowingly click on a harmful link and be directed to a counterfeit website. These techniques have advanced to smishing (SMS phishing) and vishing (voice phishing). Hackers now leverage AI algorithms to make their messages appear genuine and imitate the voices of familiar individuals.

Pros Not Exempted from Attacks

While one in four French people report receiving a dubious message daily, the threat extends beyond the general public. Professionals, including freelancers, SMEs, large corporations, and even public organizations, are also at risk. 42% of business leaders concede to being highly concerned about cyberattack risks as per a 2023 Orange Cyberdefense Harris Interactive study.

Recognising Attacks

Be alert for these five tell-tale signs of phishing:

1. A sense of urgency or potential financial gain or a story relating to current events

2. An unknown sender’s email address or phone number.

3. The message solicits confidential data via email or SMS which a legitimate entity would never ask for.

4. The message has glaring grammar or spelling errors or expressions unfamiliar to an official entity.

Responding to a Scam

If you’ve received a suspicious email or text message:

  • Don’t respond, click on links, or open attachments.
  • Report the message as spam or discard it.

If you’ve fallen prey to phishing or suspect your info has been compromised:

  • Immediately change your leaked password and update it on other accounts if you’ve used the same password.
  • Freeze your card and contact your bank if you suspect your financial details have been divulged.
  • File a complaint with your nearest police station.

Remember, you can help combat phishing by reporting such incidents. You can report attempts via the Signal Spam or Cybermalveillance.gouv.fr websites for emails and online episodes, through 33700 for SMS or phone issues, or via email at abuse@orange.fr for a message mimicking the Orange brand.

Support Against Threats

Our 3000 cybersecurity experts at Orange and Orange Cyberdefense work relentlessly to enhance digital security. Our 26 worldwide detection centers examine over 60 billion incidents and deactivate 200 harmful sites every day. We also conduct various pilot programs that leverage AI and automated image analysis to detect fraudulent use of the Orange brand and warn users of suspected sites.

Free Workshops

We offer workshops both online and in Orange stores or in partnership venues to help you identify and protect against scams. Register online or by calling the toll-free number: +33 (0) 800 06 15 46.

FAQs

Q: What is Phishing?

Phishing is a malicious technique where perpetrators impersonate trusted entities to trick users into revealing their private information. They could assert their legitimacy by invoking a sense of urgency, potential financial reward or a story related to current events.

Q: How Do I Identify Phishing Attempts?

Some red flags of a phishing attempt include:

  • An unknown sender’s email address or phone number.
  • A message urgently requiring to share private data inappropriately, such as by email or SMS.
  • Grammar or spelling errors or unfamiliar expressions for an official entity.

Q: What Should be done if You’ve been Victim to a Phishing Scam?

If you believe you’ve been tricked by a phishing scam, immediately reset the leaked password and for other accounts where the same password is used. Contact your bank and freeze your card if you suspect your banking details have been compromised. Finally, don’t forget to file a complaint at your nearest police station.