From the beginning of the year a tragedy arose in the hearts of French houses: Cyber attack on France Connect accounts. Using a variety of strategies, web hackers recover your professional and personal data for use against you. What are these techniques, what are the risks, and above all, how to prevent them?
Last February, we already mentioned one thing about cyber security Leaks of billions of passwords and identifiers, Including Gmail accounts from Netflix to LinkedIn. Today, The attacks targeted the accounts associated with the identity verification service of 21 million users, And wants to connect more than 700 services: Center France Link. The worm is already in the fruit. News of victims of this web pirate is flooding the pages of French newspapers and specialized sites. 20 minutes, Release, France Information, எண்மராமாFrom the beginning of this year, it will rain on victims, users and health systems.
How do they do it? Cybercriminals try to recover victims’ evidence by forging a fraudulent affiliation notice on France Connect Or Amali. User Receives an email with the FranConnect logo, Then the service reports that a link has been made to the service in its name. It should be noted that he is not, the user strictly Click the link in the messageBy doing this, the identifiers are filtered.
Double head hook
In its March 10 article, Cyberguerre.numerama.com takes the example of Isabelle, who received a bizarre link notification, stating that someone had linked to the CPF site with her Amelie credentials. Double win for the hacker It retrieves both identifiers of the victim’s account, but also switches to his personal training account (CPF). This is the whole problem of centralization provided by FranConnect and its boon to pirates.
This technique is called Fishing (Or phishing)The Ministry of Economy, Finance and Recovery calls for this. ” Contains Trust that they are communicating with a trusted third party affected In order to obtain personal information such as his credit card number or password “.The goal is usually to recover payment data or passwords Access billions of secret files, Especially in medicine, at the time of infection.
How to deal with it?
So how do you stay alert during this type of attack? First, if you receive a fraudulent email, you definitely should Please check the sender’s address, To determine its abnormality. Sign in to verify that no activity was performed. It is necessary behind it Inform the relevant departments and report the fraud on Cybermalveillance.gouv.fr. Network of Digital Investigators and Digital Prevention and Security Actors of the National Gendermary Posted a tweet earlier this year in which its members should be vigilant. Finally, obviously, change your password.
In recent days, the Fishing That’s where the parcel takes the form of an attack Internet users are asked to pay a few euros to open an imaginary package Addressed them. This time, the logos of companies like La Poste, UPS or Colicimo are copied.
“Avid writer. Subtly charming alcohol fanatic. Total twitter junkie. Coffee enthusiast. Proud gamer. Web aficionado. Music advocate. Zombie lover. Reader.”