Phishing

At Arsen, we help businesses protect themselves against phishing. Part of this work involves simulating attacks on employees. We are therefore particularly attentive to real attacks that can be observed online in order to constantly update our simulations to be representative...

Lïa Desmousseaux de Givré

Jan 4, 2023

Learn how to report a fraudulent email is a crucial step in the fight against phishing. In an ideal world, everyone facing a phishing attempt would report it, as it contributes to the fight against phishing. Despite various protections and anti-phishing...

Lïa Desmousseaux de Givré

Jan 4, 2023

Whether it's clicking on a malicious link or sending confidential data to a fake third party, if the threat is always external, 90% of effective cyber attacks involve an error resulting from human exploitation. It is based on this fact...

Lïa Desmousseaux de Givré

Jan 4, 2023

Not all phishing emails are equal. When I ask someone what they think of a "phishing email," the descriptions are very varied. Among these descriptions, the level of difficulty, that is to say, how difficult it is to detect the fraud, also...

Lïa Desmousseaux de Givré

Jan 4, 2023

"You know, we are protected against phishing because we have implemented multi-factor authentication. We have heard this sentence too many times. As you know, at Arsen we are very committed to raising awareness among employees about cybersecurity. Where a trained and aware...

Lïa Desmousseaux de Givré

Jan 4, 2023

From the early days of phishing to the present, almost 30 years have passed, with a constant evolution of the techniques used by cybercriminals. These fraudsters have been active for much longer than the emergence of the first phishing emails: from...

Alexandre Esser

Jan 4, 2023

The risks associated with phishing are often underestimated. Many still believe that the consequences are limited to having to change a few passwords, scan their network, or even have a comprehensive security policy. However, as we will see, phishing can have...

Thomas Le Coz

Jan 4, 2023

A sextortion attack involves extorting money by blackmailing with a sexual theme. For instance, the malicious individual contacts the victim claiming to have a video of them in a compromising situation. The individual then threatens to release the video unless...

Thomas Le Coz

Jan 4, 2023

The compromise of email addresses, or Business Email Compromise (BEC), is a popular attack aimed at compromising a company's mailbox for malicious purposes. The simplest monetization is generally to request a fund transfer from the corrupted address or a change...

Thomas Le Coz

Jan 4, 2023

Instagram is a highly popular social network, making phishing on the platform equally prevalent. According to the "Digital Report 2021" by Hootsuite and We Are Social, Instagram ranks fifth among the most downloaded apps with 1.221 billion active users. Notably,...

Thomas Le Coz

Jan 4, 2023

Mass attacks are becoming increasingly ineffective, giving way to _spear phishing_ attacks, or even "**whaling**" _(whale fishing)_. As the name suggests, a _whaling_ attack is nothing more or less than a spear phishing attack where the victim is a big...

Alexandre Esser

Jan 4, 2023

At Arsen, we offer two types of phishing simulations: the evaluation simulation which aims to not be detected.

Lïa Desmousseaux de Givré

Jan 4, 2023

A new variant of phishing has been observed lately, called Browser in the Browser (BitB). It is simply an attack aiming to deceive usual human detection techniques by generating a fake window inside a real window. Indeed, most of the time,...

Lïa Desmousseaux de Givré

Jan 4, 2023

Instagram is a very popular social network, so it is logical that phishing on Instagram is just as popular. According to a study, "Digital Report 2021" published by Hootsuite and We Are Social, Instagram is the 5th most downloaded application...

Lïa Desmousseaux de Givré

Jan 4, 2023