At home and work, it’s hard to escape phishing attempts and they’re becoming more sophisticated, whether by email, SMS, or social media. As a responsible operator, we’re committed to developing a digital society that can be trusted, and therefore doing what we can to combat the threat. Here’s what to look for when it comes to phishing, and the best practices to adopt.
“Phishing” is a technique used by hackers to collect confidential data about you without your permission. They will often contrive an emergency, threat, or unusual situation. They may pretend to be your bank, official organization, mobile operator or e-commerce site and ask for personal information such as passwords, payment methods, identity, professional data, etc.
74%
of breaches involve human error
(Source : Verizon Data Breach Investigation Report)
+47.2%
of phishing attacks in one year
(Source : Zscaler ThreatLabz)
562.4
million phishing emails detected in the first quarter of 2023
(Source : VadeSecure)
The first wave of phishing came about through sending scam emails, where the victim would unintentionally click a malicious link and be redirected to a fake website. Phishing techniques are evolving and include sending text messages (known as “smishing”) and fake phone calls (“vishing”). Hackers are perfecting their attacks by incorporating AI algorithms to make their messages more realistic or even spoof the voices of people they trust.
General phishing targets the public: one in four French people believe they receive a suspicious message at least once a day. But the threat also affects professionals – the self-employed, SMEs, large organizations, or even public companies. 42% of business leaders say they are particularly worried about the risks of a cyberattack (Source: 2023 Orange Cyberdefense Harris Interactive study).
Hackers adapt their methods to target the business world. They might impersonate business services (accounting, professional software, etc.), target key people (senior executives, “CEO fraud”), or use phishing to open the door to a ransomware attack.
To learn more about the specific risks of workplace phishing and guard against scams, download the 2023 Security Navigator report published by Orange Cyberdefense.
Here are 5 clues that will help you spot a scam.
1 There is an urgency to the message (blocked bank account, etc.), a potential for a financial reward (refund, etc.) or a fake campaign related to current events (natural disaster, conflict, etc.).
2 You don’t recognize the sender’s email address or phone number, or the name is inconsistent with the URL of the links to be clicked or the address of the redirect site.
3 The message asks you to share confidential data by email or SMS (username, password, credit card, etc.), which no legitimate organization would do.
4 The message contains spelling mistakes or expressions that are unusual for a bank or official business.
It is important to report phishing attempts. By talking about it and alerting the relevant authorities, you are helping to fight against phishing scams.
Do you live in France?
Orange and Orange Cyberdefense employ 3,000 cybersecurity experts to strengthen digital security. Our 26 detection centers around the world analyze more than 60 billion events and shut down 200 malicious sites daily.
To strengthen our customers’ protection, we have also run several pilots using AI algorithms and automated image analysis to detect any fraudulent use of the Orange brand, provide an automatic warning when a user tries to connect to a suspicious site, and more. These innovations help us fight new forms of attack more effectively.
Want to learn how to better detect and protect yourself against scams? By the end of 2023, we will have run more than 7,000 workshops either online or in person at Orange stores and partner locations.
Each one-hour workshop is an opportunity to learn tips and best practice from our experts on topics such as:
Register today, either online or by calling the toll-free number: +33 (0) 800 06 15 46