The metamorphoses of phishing


A strange misadventure befell a thirty-something Parisian, as ZDNet.fr has just learned. This fall, the young man received a call from his bank asking whether he was in China, where the bank said it had spotted suspicious transactions. Not at all! The 30-year-old nevertheless stayed on his guard: since the call came from a mobile number, he asked to be called back from the bank’s official line, which his correspondent did immediately.

Reassured, he was then walked through the procedure for blocking the card and told that a taxi would come to his home to collect his credit card in order to “dematerialize” it. The driver told him that it was the fourth card collected that day.

Shortly afterwards, his account was debited 3,000 euros and a further payment of more than 1,300 euros was initiated: it was a scam.

Phishing is changing

Although the story ends fairly well for the victim, who was reimbursed by his bank, it illustrates how phishing is reinventing itself. For our thirty-something Parisian, according to his own investigation, it all probably started with a fake text message from the health insurance fund, sent a few days after his wallet was stolen, announcing that his new Vitale card was available. It linked to a fake site, instruction-ameli.fr, already reported on the Signal-scams site.

Although the term phishing dates from the early 2000s, specialists are observing new methods of deceiving victims. At the end of summer 2022, for example, an Internet user exposed a particularly elaborate scam built around a La Poste delivery notice: he had received a very credible letter whose link and QR code led to a malicious site.

Fake text messages and fake voice calls

Other developments already being tracked by security researchers include text messages carrying fake parcel-delivery scams. Driven by lockdowns and the rise in home deliveries, these scams aim to extract small sums from victims as postage for the fake package, while letting the crooks harvest personal data in the process. The phishing message is just an appetizer: the attackers then launch their scam or, for example, attempt to take control of the targeted information system.

Fake voice calls have also made an appearance. The two types of attack follow very different logics. “The fake SMS is big game fishing,” says Loïc Guezo, one of the executives of Proofpoint, a company specializing in e-mail security. Fake phone calls, by contrast, rely on call centers and “very elaborate scenarios”, he notes.

Email is preferred

However, the primary vector for phishing attacks remains e-mail, with malicious tools available for hire. “There are always mass campaigns, but we also observe more targeted campaigns that concern only about fifteen people, real surgical strikes by e-mail”, which precede ransomware attacks or espionage operations, observes Loïc Guezo.

As the e-mail protection specialist Vade Secure also notes, phishing attacks are not weakening, with an increase of around a third over the last quarter. Admittedly, the number of malicious e-mails sent can vary, Vade Secure notes, but it shows that malicious activity on this vector remains strong.

Big events

To convince victims to fall for the scam, conversations are drawn out over several exchanges to build trust. The malicious attachment, which activates a payload or triggers the download of a script, is also becoming more discreet: attackers now prefer a link embedded directly in the message. Combined with a URL shortener, this makes it harder to identify the site being pointed to. Even though specialized companies now anticipate this type of e-mail, it can pass certain checks more easily, since the malicious payload is hosted elsewhere.
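The two tells described above, a shortened link that hides its destination and a lookalike domain such as the fake health-insurance site mentioned earlier, can be surfaced with a simple triage check on the links in a message. The following is an added example, not code from the article or from any vendor it quotes; the shortener list, the brand-to-domain mapping and the sample message are all constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample message modelled on the fake "new Vitale card" text and the
# parcel-delivery scams described in the article (not a real captured message).
SAMPLE_MESSAGE = """Your new Vitale card is available.
Confirm your details: https://instruction-ameli.fr/confirm?id=42
Track your parcel: https://bit.ly/3xyzABC
Your account: https://www.ameli.fr/assure"""

# Hostnames of public URL shorteners (assumed list; extend for your environment).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "cutt.ly", "is.gd"}

# Impersonated brands mapped to the registrable domain each one legitimately uses
# (assumed values; maintain this list from your own organisation's knowledge).
BRANDS = {"ameli": "ameli.fr", "laposte": "laposte.fr"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def registrable_domain(host: str) -> str:
    """Return the last two labels of a hostname (adequate for .fr/.com here)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def classify_url(url: str) -> str:
    """Classify a URL as 'shortener', 'lookalike' or 'ok'.

    A shortener cannot be judged offline, so it is flagged for resolution in a
    sandbox; a lookalike is any host that contains a protected brand name but
    whose registrable domain is not the brand's legitimate one.
    """
    host = urlparse(url).hostname or ""
    domain = registrable_domain(host)
    if domain in SHORTENERS or host in SHORTENERS:
        return "shortener"
    for brand, legit in BRANDS.items():
        if brand in host and domain != legit:
            return "lookalike"
    return "ok"


def scan_message(text: str) -> list[tuple[str, str]]:
    """Extract every URL in the message and pair it with its classification."""
    return [(url, classify_url(url)) for url in URL_RE.findall(text)]


if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE_MESSAGE):
        print(f"{verdict:10s} {url}")
```

The two-label domain heuristic mis-handles country-code second-level domains such as .co.uk, so a production filter should use a public-suffix list instead.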

But some fundamentals do not change. Cybercriminals still try to make their scams credible by piggybacking on current events, such as the start of the Football World Cup in early October. Indeed, researchers from the cybersecurity company Trellix observed a doubling in the volume of malicious e-mails sent in Arab countries during this period.

Even if you are a football fan, you have to face it: it is very unlikely that this so-called official partner of the event will send you a form to fill in to obtain free tickets.
