{"id":354,"date":"2022-10-24T21:50:00","date_gmt":"2022-10-24T21:50:00","guid":{"rendered":"https:\/\/quasimodo.ca\/?p=354"},"modified":"2022-10-27T14:11:35","modified_gmt":"2022-10-27T14:11:35","slug":"piratage-en-entreprise","status":"publish","type":"post","link":"https:\/\/quasimodo.ca\/en\/piratage-en-entreprise\/","title":{"rendered":"Hacking : Are you at risk?"},"content":{"rendered":"
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

How to avoid the traps!<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

With the increase of teleworking, the risk of being cyber-attacked is high.<\/p>\n

A lot of Small and Medium Businesses had to develop solutions to let people telework at the beginning of the pandemy. Lot of them were not prepared to it and made choices that may have impact on the security of their systems.<\/p>\n

People are less and less interacting each other with the distance. There are more online and email conversations that will increase the risk too. Being hacked can have big consequences to your data and may interrupt your activities for a while.<\/p>\n

There are multiple threats and faults can come from softwares or humans. That is why we want to explain you, what are the different kind of threats to auto-evaluate your vulnerability.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

The different risks<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\tWorld has change and the time when virus were just decreasing the performance of your PC! Nowadays, there are multiple kinds of threat and the consequences are more important. Some of them don't even require any computing or development skill. Let's have an overview of some of them and how you can prevent them.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Phishing<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

The phishing is a practice in which the hacker try to usurp an identity of someone in the company or any other people that may have some authority. This way, he will try to ask for some secret information (passwords) or any urgent payment for a supplier, taxes, etc. It is part of the social hacking which requires no particular skill in computing or development and work on persuasion.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

How does it look like?<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Through emails<\/strong>: the email is one of the best canal, it looks like it has been sent from one of your colleague or any institution (bank, energy company, web provider, web platforms, etc.) but in reality it comes from another account ready to get a quick response.<\/p>\n

It usually explains you that you have some issues with your account or have to proceed to a password renewal or do a quick payment to avoid penalties. In reality It will try to scary you so you will click on the link attached or answer by email to the sender directly.<\/p>\n

Ouvrir un courriel est rarement dangereux. Ce sont les liens web et les pi\u00e8ces jointes attach\u00e9es qui le sont. Aussi dans le cadre du hame\u00e7onnage, les courriels vous invite sous un certain pr\u00e9texte \u00e0 venir mettre \u00e0 jour des informations confidentielles (carte bancaire, mots de passe, etc.) en vous proposant un lien directement dans le courriel pour venir vous authentifier.<\/p>\n

This link or the sender is a fake. Sometimes it will looks like the real website of the company\/institution but in reality it is just a copy. Their only purpose is to make you login or complete a payment or a form with secret information like credentials. This way they can take controle of an account or credit card information.<\/p>\n

This method can be also used by phone, online discussions, etc.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t

How to avoid it<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

You can use these 2 rules :<\/p>\n

You have to make your colleagues and employees aware of the risk. Specially person that are not used to using a computer or internet. They should never answer to any unusual situation or exceptional situations by email. Like an email from the boss asking to pay a supplier quickly for example.<\/p>\n

If they have a doubt, they should identify the sender. If they know the person, always try to make a call or contact directly the company or the institution for confirmations.<\/p>\n

If there is any link and you have a doubt, always connect to the official website by a web browser instead of clicking on the link sent by email.<\/p>\n

There are some things to know if you want to verify if the email is a phishing but ther are not always visibile :<\/p>\n