Share article

Summary

Phishing: how to detect and avoid online fraud

3 mins
August 05, 2020
By The Qonto Team

Imitation can be sometimes seen as a form of flattery, but criminals trying to impersonate Qonto staff members and scam our clients is not only not flattering but unacceptable...
Your account security is our first priority. And we’re fighting against these attacks on multiple fronts, thanks to a dedicated team of IT security experts as well as trained customer service agents that prevent and shut down fraud. Immediately.
Here’s a breakdown of phishing attacks - most common type of online fraud - and what to do to prevent it from happening to you and your company.

1. What is phishing?

Phishing is a type of social engineering attack used to steal user data, including login credentials, credit card numbers and other sensitive information.
It’s disguised as communication sent from a legitimate source. The message will pressure the person reading the email to take immediate action and enter personal information on a fake website which looks identical to the legitimate one.

2. What are the most recurrent phishing attacks?

Some phishing attacks “campaigns”, which means they usually use the same email template, and send them out to masses of people. Classic phishing is the general, mass-mailed type, where the criminal sends an email pretending to be someone else and tries to trick the recipient into giving them sensitive information. For instance, you may receive an email that looks like it comes from Qonto telling you there’s a problem with your account and you need to update your details by following a link. Attackers put a lot of effort in designing these emails and making sure that both the link and the website to which you are being redirected closely resemble our Qonto app. Once they have access to the account, they can make transfers, order virtual cards to make online purchases.
Vishing: is phishing via telephone calls. The approach is the same: to appear legitimate in order to get sensitive information from the victim. The criminal impersonating a Qonto agent will call the victim telling them they have a payment pending or that their account’s been breached. Then they’ll ask you to provide payment card details to verify your identity as a client.
Clone phishing is a sophisticated attack which intercepts genuine correspondence. This is where a criminal clones a legitimate email from a trusted source. This email to the victim seems to be a continuation of the conversation, but it actually contains a malicious link.

3. How to prevent phishing attacks

Practice caution when you’re asked to give sensitive information over the phone or online. Here’s a few tips to prevent phishing attacks:
  • Never use the same password on different websites and accounts.
  • Create strong and complex passwords especially for your bank account.
  • You can use secure tools to generate and manage complex passwords such as 1password. If you’re on the wrong website or a fraudulent website, your password manager will allow you to automatically enter your password.
If you want to know more about how to detect phishing, check out this article.
You can also monitor signins on your account via the Qonto app. Know that when you give access to secure APIs, this establishes an automatic connection between your programs and your account. And while you did not directly create that connection, you gave the program access to your account.

4. How Qonto secures your account

As you now know, there’s a phish for every sea. Which is why we had to set up alerts to detect anomalies and implemented multiple security features into our product to prevent any type of account takeover.
  • We automatically suspend any account showing suspicious patterns: connection from an unknown device, abnormal transfer amounts, unusual activity and so on.
  • We protect all sensitive operations using a second authentication factor.
  • We rely on data-driven algorithms to block high-risk operations.
If despite all the features we have developed you think you are a victim of online fraud, here is our article on what to do.
Phishing is a very popular technique for fraudsters, and we can’t stress enough how important it is to be as aware as possible.
So remain vigilant, be cautious - and keep this article in mind to avoid getting “hooked”.

ABOUT THE AUTHOR
The Qonto Team
Qonto is the all-in-one finance solution that energizes SMEs and freelancers.
Recommended articles
BUSINESS MANAGEMENT
7 Tips for Secure Online Banking
By Tom Bensley, 2022-01-13
BUSINESS MANAGEMENT
What to Do if You've Lost Your Bank Card
By Tom Bensley, 2022-07-05
BUSINESS MANAGEMENT
How to make a Bank Transfer Payment
By Oliver Staub, 2020-08-14
BUSINESS MANAGEMENT
10 Great Ways to Use Sub-Accounts
By Oliver Staub, 2020-07-01
BUSINESS MANAGEMENT
Tax Deductions in Germany: 10 Deductible Expenses
By Oliver Staub, 2020-09-11
BUSINESS MANAGEMENT
IBAN and BIC: what do they mean and why are they important?
By Oliver Staub, 2020-06-25
Subscribe to our newsletter
Enter your contact details to get the latest news and trends to help boost your business. 

Qonto collects and processes your personal data to better respond to your requests.
Learn more about how we manage your data and your rights.

Ready? Let's go.

Whether it's to examine the specific needs of your business, or to go over the benefits of Qonto's tools and features, we're here for you.
Open an account Talk with our sales team