Some phishing attacks “campaigns”, which means they usually use the same email template, and send them out to masses of people. Classic phishing is the general, mass-mailed type, where the criminal sends an email pretending to be someone else and tries to trick the recipient into giving them sensitive information. For instance, you may receive an email that looks like it comes from Qonto telling you there’s a problem with your account and you need to update your details by following a link. Attackers put a lot of effort in designing these emails and making sure that both the link and the website to which you are being redirected closely resemble our Qonto app. Once they have access to the account, they can make transfers, order virtual cards to make online purchases.
Vishing: is phishing via telephone calls. The approach is the same: to appear legitimate in order to get sensitive information from the victim. The criminal impersonating a Qonto agent will call the victim telling them they have a payment pending or that their account’s been breached. Then they’ll ask you to provide payment card details to verify your identity as a client.
Clone phishing is a sophisticated attack which intercepts genuine correspondence. This is where a criminal clones a legitimate email from a trusted source. This email to the victim seems to be a continuation of the conversation, but it actually contains a malicious link.