Phishing and smishing: don't take the bait!

Phishing is a form of online fraud which involves making users themselves reveal their confidential and/or sensitive data. In general, this concerns: bank card PIN codes, log-in information relating to various internet services, and telephone numbers.
It is important to distinguish spam and phishing. Phishing is a type of spam, whereas spam is junk e-mails, which may or may not be designed to defraud. So phishing is a fraudulent form of spam in which the e-mail asks you to carry out a particular action, and the action always leads to a scam.

Smishing (a combination of the words SMS and phishing) is the attempt by fraudsters to acquire personal, financial or security information by text message. They act as a trustworthy source, impersonating a bank, card issuer or utility/service provider.

Phishing and smishing, in essence, rely on taking advantage of the naivety of internet users. Cybercriminals therefore have no qualms about using a whole range of weapons designed to snare you.
Learn about the four principles of phishing below:

1. Stealing the identity of a trusted organisation, in particular of financial institutions, large companies, government organisations or other well-known institutions.
2. Asking for confidential and sensitive information under a false pretext.
3. Redirecting the victim to a fake internet site which is virtually identical to the hacked organisation’s official site, so that he/she enters the information requested.
4. Using the data gathered to steal the identity of an individual with the intention of gaining advantages or services (money, property, identity or administrative documents).

It should be noted that phishing is not only carried out by sending fraudulent e-mails. Phishing scams can also occur by telephone!

For more information on phishing, please go to the following site:

• www.bee-secure.lu/fr/outils/glossaire/phishing

03/23