The scourge of phishing
Resembling like two drops of water to emails from trusted third parties (institutions, banks, service providers), fraudulent email attacks can have disastrous consequences for your company or community.
Beyond the theft of private data, phishing emails remain today an essential vector for the distribution of malware and ransomware within companies.
A recent wave of attacks by the ransomware Emotet confirms this trend. Indeed, the target receives a message, which seems to be embedded in a discussion thread, containing a trapped *.zip file with the password of included in the mail in image format . This process bypasses email filters and antivirus software.
As a reminder : Emotet is a very active ransomware that has become a real European issue (More info here : https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-019) .
Ransomware (or r ansomware) is a type of malware (or virus) that aims to encrypt all the data it encounters. In large-scale attacks, entire corporate networks and data centres can be taken hostage. In order to unlock the data and thus the system, the victim has to pay a ransom to the hacker for a "possible" decryption key. Ransomware is both a serious and ever-increasing threat.
BlueTrusty, ITS Group's cybersecurity subsidiary, offers you realistic phishing awareness campaigns
All our campaigns include:
- the contextualization and personalization of several e-mail bursts according to your business context, during a workshop,
- the possibility to include attachments and URLs leading to sites created for the occasion (allowing for example the collection of data, password...) by us,
- the purchase of a free and unpublished domain name adapted to the situation,
- technical tests prior to sending each salvo,
- a detailed report and a commented restitution for each salvo,
- the progressive adjustment of the difficulty.
During the preparation workshops, we will share with you the many good practices drawn from our experience and the current trends of cybercriminals.
In addition, it is possible to order an additional service to identify and accompany risk behaviours, as well as to train the most vulnerable staff, in face-to-face/distance/e-learning or via reflex cards.
The most common cyber attacks against businesses
Types of attacks most observed by French companies in 2019*
- Phishing or spear-phishing 79% 79%
- President Scam 47% 47%
- Exploiting a Vulnerability 43% 43%
- Attempts to connect 40% 40%
- Social engineering 35% 35%
- Acquisition of illegitimate domain names 31% 31%
- Evaluating a configuration fault 29% 29%
- Denial of Service Attack 28% 28%
* Several answers possible - Source : CESIN, OpinonWay