In the coming weeks, do not be surprised to be invaded by rather suspicious emails or to be harassed by questionable phone calls, the reason is unfortunately simple: a new database containing the confidential information of nearly 40 million French can be found for sale on the dark web.
The data of about 39 million French people for sale on the dark web ? This is what cybersecurity specialist Damien Bancal would have discovered for Zataz, an IT news site. First names, surnames, postal addresses, phones and email addresses are listed in this file that the hacker wishes to sell. To bait the barge, the hacker offers a list of 100,000 people to those interested in the entire database.
This file containing the personal data millions of French surely comes from a mixture of different sources already available on the dark web. Problem, with a file that accurately lists this kind of information, potential phishing and scam campaigns are likely to flourish in mass.
With so much information, it is possible to create increasingly realistic messages and thus fool even the most seasoned and attentive users. Another disturbing element, we find in the data file a column real money (« money real ”), a term often found on the websites of online game or theuniverse of cryptocurrency. This could be an estimate of the profile money recovered.
More and more realistic messages with AI
Another risk would be to see this data being used to carry out attacks by force brute or by dictionary. They can be carried out on software dedicated by hackers to test a gigantic number of combinations to, in the end, find your personal password. Since the pandemic, the cybersecurity became to eyes of many French people a real concern for the years to come. To be able to curb this kind of dangerous campaign, online education on cyber attacks must become a primary objective. You can also find here our tips for choosing a good password manager.
Remember that it is essential to regularly change password with or without the help of a password manager, never use the same one twice and always choose sequences of letters, numbers and complex special characters. It is also necessary to privilege double authentication when possible, in particular regarding access to their e-mails and social networks.
Interested in what you just read?
.
