[Part .3] – What to do in the event of phishing?

img-post
Blog

Rédigé par colas Bonvicini , 20 February 2024

Have you realized that you’ve clicked on the wrong link, that you’ve made a transfer in a hurry, or that you’ve acted quickly on an e-mail or text message?

So you need to take action. But what to do and who to contact? Find the answers in this article.

1. Stop payment at your bank

If you have provided information about your means of payment, or if you notice fraudulent debits from your bank account. The payer is not liable if the unauthorized payment transaction was carried out by misappropriating, without your knowledge, the payment instrument or the data linked to it (article L.133-19 II of the French Monetary and Financial Code).

2. Contact your corporate IT department or an IT security expert for advice.

If you’re a complete neophyte when it comes to online security, don’t hesitate to ask contacts of yours who know a little more, or even a lot more, about it than you do.

If you’re in a company, get in touch with your IT department, CIO or senior management immediately to get help, and report any intrusions.

3. Immediately renew the logins and/or passwords of compromised accounts.

As soon as you become aware of an online scam, don’t wait – change your password on the site or application you’ve been phished by right away.

If this password is the same for several applications, accounts or mailboxes, you’ll also need to change your passwords, as the one you use for several sites will have been compromised and made known to online hackers.

4. File a pre-complaint online to make the process easier.

Online pre-complaints enable you to report incidents immediately, and make an appointment to file a complaint remotely, thereby reducing the waiting time for a complaint to be filed at the police or gendarmerie.

4.1. La pré-plainte en ligne, comment ça marche ?

a. The victim makes an online declaration on the website: www.pre-plainte-en-ligne.gouv.fr, and fills in a pre-complaint form.

b. Victims can then choose the police station or gendarmerie where they wish to sign their complaint, and the date of their appointment.

c. The victim will then be contacted by the police or gendarmerie to confirm the appointment, and to inform him or her of the documents required to file a complaint.

Please note: an online pre-complaint is not a substitute for a complaint to a police station or gendarmerie, but it does allow you to make an online pre-report of property damage, theft or fraud.

The legal value of a complaint takes effect once a report has been drawn up and signed by a police officer or gendarme.

Find out more on the Gendarmerie Nationale website

5. File a complaint with the police station or gendarmerie

By providing all the evidence in your possession, such as screenshots, e-mails, proof of transfers, contact your local police station or gendarmerie.

A reminder:

  • Filing a complaint enables a person to inform the justice system that an offence has been committed of which he or she claims to be the victim.
  • If the complaint is pursued, the perpetrator may be subject to criminal sanction.
  • Victims can bring a civil action if they wish to obtain compensation for their loss (damages).
  • If the victim does not know the perpetrator, he or she must file a complaint against a person unknown.

6. Contact the “Info Escroqueries” telephone service

For advice on phishing scams, contactInfo Escroqueries.

Set up by theOffice Central de Lutte Contre la Criminalité liée aux Technologies de l’Information et de la Communication (OCLCTIC), the “Info Escroqueries” platform is staffed by police officers and gendarmes who are responsible for informing, advising and guiding victims of fraud.

Following the collection of these complaints, the OCLCTIC teams cross-check as many complaints as possible, in order to exploit them and put an end to malicious practices on the net.

If you would like to contact“Info Escroqueries“, please call 0 805 805 817 (toll-free number, Monday to Friday, 9am to 6.30pm).

The OCLCTIC is part of the national police force, and more specifically of the Sub-Directorate for Cybercrime Control (SDLC).

Who to contact in the event of phishing?

1. Report phishing to Signal-spam.fr. Reporting means taking action.

Signal-spam.fr is a platform for gathering all the technical information needed to identify a spammer, or spam of a cybercriminal nature. Following your report, those of the community and the study of spam which may turn out to be phishing, Signal Spam is responsible for redistributing the information useful in the fight against spam, which will therefore make it possible to warn and protect future targets of the phishing which has affected you.

2. Report phishing site address to Phishing-initiative.fr

The organization will check whether the site is a phishing site, and if it proves to be such, will close it down.

From Phishing-Initiative.fr, you can :

  • check whether the address of the site you are on is a fraudulent site (reported by the online community),
  • report the address you have identified as fraudulent if it is not already recognized as such (to the attention of all Internet users)

If the address is found to be fraudulent, it will be blocked in browsers.

3. Report the incident on the government’s PHAROS website

Pharos stands for “Plateforme d’Harmonisation, d’Analyse, de Recoupement et d’Orientation des Signalements”.

As with the “Info Escroqueries” platform presented earlier in this article, this platform is also managed by the OCLCTIC and, therefore, the Police Nationale.

This online platform, also known as the “Portail de Officiel de Signalement des Contenus Illicites de l’Internet” (Official Reporting Portal for Illegal Internet Content), enables you to report illegal content and behavior online.

4. In the event of smishing, abusive or fraudulent SMS or MMS messages, forward them to the following telephone number: 33700

This SMS alert system was created by telecom operators, service providers and hosting companies, in consultation with the French State Secretariat for Industry and Consumer Affairs.
After forwarding your message, you will receive a message asking you to send the number from which you received the abusive SMS to 33700.

This information will be passed on to telecom operators, including yours, who will be able to take swift action with the organizations behind the sms.
Sending an SMS to 33700 is free for Bouygues Telecom, Orange and SFR customers.

To find out more about the number for reporting fraudulent SMS and MMS messages, visit www.33700-spam-sms.fr.

Introduction to cybersecurity concepts
The term cybersecurity refers to all the practices and tools that can be used to protect people and the tangible and intangible IT assets of states and organizations. Given the financial stakes involved in the vulnerability of Information Systems (IS), every organization must ensure the security of its IS. Lire l'article