.MOI

Cybersecurity – False attack and real issue at the French Ministry of Economy and Finances

October 30, 2017

In early October, 145.000 employees from the French Ministry of Economy and finances as well as independent agencies personnel received emails containing an offer to win Theater tickets. The emails were signed by Jean Baptiste Poquelin, Emma Bovary, Therese Desqueyroux or. [Side Note for our foreign friends: the above are famous names of French Literature: respectively the real name of the playwright “Molière”, the main character from “Madame Bovary” and the title of a novel by François Mauriac]. Not noticing anything amiss with the sender’s names, more than 30.000 recipients clicked on the link contained in the email.

Fortunately, the email originated from the IT security service of the French Ministry of Economy and Finance, who performed the operation for educational purposes. The proposed link redirected toward a webpage raising awareness about cybersecurity. Fortunately, no harm was done as it was not a real phishing attempt.

More than 150 computers from the same Ministry had been infected between December 2010 and March 2011. Six and a half years later, the above-mentioned initiative had a beneficial effect as it raised questions in a context where cyberattacks are increasing.

It is easy, for an ill-intentioned person, to send a convincing email, pretending to be a trustworthy contact. Fraudsters are creative and use various techniques. Some of these techniques, such as the Email Spoofing, can be countered by dedicated technical measures (antispam servers, SPF, DKIM, DMARC …).

However, some emails will fall between the cracks and the vigilance of the recipient will be the last line of defense. The following details however should raise alarm bells and incite the recipient not to engage in any interaction with the sender but to transfer the mail to the relevant services for advice:

Our monitoring tools allow the detection of domain names susceptible to be used by ill-intentioned persons for impersonation purposes.

Our teams are at your disposal for any query regarding our services.

A lire également :

← Cybersécurité - Fausse attaque et vrai sujet à Bercy

30/10/2017 Début Octobre, les 145.000 agents du (...)

AXA lance une nouvelle assurance utilisant son BrandTLD .axa →

10/11/2017 Récemment, la société d’assurances **AXA** (...)
.MOI
ICANN ACCREDITED REGISTRAR TMCH OFFICIAL AGENT VERISIGN ACCREDITED REGISTRAR RESTENA (.LU) ACCREDITED REGISTRAR CENTRANIC ACCREDITED REGISTRAR AFNIC ACCREDITED REGISTRAR EURID ACCREDITED REGISTRAR NOMINET ACCREDITED REGISTRAR FICORA ACCREDITED REGISTRAR RIGHTSIDE ACCREDITED REGISTRAR DONUTS ACCREDITED REGISTRAR ZA CENTRAL REGISTRY ACCREDITED REGISTRAR ZA CENTRAL REGISTRY : .AFRICA ACCREDITED REGISTRAR

Droits des détenteurs (ICANN)
Politique de suppression de domaine expirés
Conditions de service proxy
Conditions Générales de Vente
Conditions Particulières Noms de domaine
Réclamations