Internet et sécurité bancaire

Translation for informational purposes only, please refer to the French version.
It is essential to adopt a behavior that is adapted to the practices of the internet and to secure your computer or smartphone.

Adopt good behaviors to navigate safely on the internet

Do not communicate your login credentials and passwords

Do not disclose your login credentials, passwords, card numbers, PIN codes, or bank account information to anyone.
Your IBAN /QXBAN allows you to communicate your bank coordinates for the setup of payments and withdrawals.
Limit the dissemination of this information to trusted individuals or organizations.
Be careful about prying eyes: when entering a password or login credentials, especially on a smartphone, make sure no one is watching over your shoulder.
When entering your password on the epithete.com website, your browser may sometimes ask you to save it. As a security measure, always refuse this request.
Change your password regularly and choose a different one for each site.
Avoid using simple or obvious passwords.

Be wary of unsolicited emails and sms

Do not share your email address and phone number unnecessarily. Only share them with trusted individuals or organizations.
Do not open emails and SMS from unknown sources, nor the attached files. They may contain malicious software.
Do not enter your login credentials and passwords after clicking on a link in an email whose origin you are not sure of. This type of solicitation is often used by scammers to steal your information.

A company, be vigilant and know how to recognize scams

To thwart attempts to scam wire transfers, the French Banking Federation has published a guide of good practices to apply and disseminate in your company.

Connection and disconnection on epithete.com

The date and time of your last connection appears on the homepage of your Customer area.

Verify the authenticity of your epithete.com site

Carefully check the address displayed by your browser and the security information on the site.

Our secure site guarantees a secure connection and the encryption of your confidential data. You can verify this security by the presence of "https:" before the address and the image of a lock. A double-click on the icon displays the security certificate information for the site.

Once you are sure you are on the authentic Épithète site, add the address to your favorites to return without risk.

Install the latest updates of your software. They generally include the latest security patches.

For more security, equip your device:

For more information on computer viruses and ways to protect yourself, consult: www.ssi.gouv.fr/particulier/bonnes-pratiques/.
Secure your confidential data on your smartphone.

Secure your internet devices

Protect your device

With an up-to-date and automatically installed ntivirus software to protect it against virus infections, Trojans, and horses, very common on the internet. Here is a non-exhaustive list of the most common antivirus software: Avast, BitDefender, Kaspersky, Sophos, Panda, Norton Symantec, McAfee...
With a firewall software, also called a firewall. This software prevents unauthorized third-party access to your computer and the data it contains.

Adopt good habits on smartphone and tablet

Protect your mobile device with a password.
Install an anti-theft application. These applications allow you to locate your smartphone, lock it, or erase all data remotely in case of theft.
Always download your applications from reliable sources.

Securing professional equipment

The CGPME (Confédération Générale des Petites et Moyennes Entreprises) and the ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) have published a brochure reminding the good practices to adopt to secure digital equipment in a company.

Internet scams and frauds

Scammers on the internet try to achieve their goals by all means. Here is an inventory of internet scams and the most common pitfalls.

Scammers want to be able to connect to your distant service contracts on Épithète and use your money. To do this, they try to recover your personal data by imitating the emails of your bank (or other organizations such as Épithète). They then redirect you to a fake site, imitating the legitimate site, to recover your login credentials. The logos and signatures are easily imitable, focus more on the content of the message. To encourage you to act quickly, scammers invoke important and urgent reasons: an alert on your contract, a notification from your mailbox, a blocking of your access, a new regulation...

Phishing

How to recognize a phishing email?

There are variants of phishing using the phone (we then speak of Vishing, for Voice Phishing,) or SMS (we then speak of SMShing). Be wary of any unexpected contact that asks you to perform an unusual action.

How to react when you receive a phishing email?

Do not click on the links in the email and on the attached files.
Forward the suspicious email to our service capable of identifying fraudulent emails: phishing@epithete.com
Finally, delete it.

If you think you have responded to a phishing email

Immediately change the password you use to access your Épithète contracts.
Contact your advisor as soon as possible.

For any attempt to scam not involving Épithète directly

You can file a complaint with the competent authorities: Your login credentials and passwords are secret. You must not give them to anyone!

Ransomware

Ransomware is a malicious software that takes your personal data hostage by encrypting it. To recover it, you must pay a ransom. These softwares are often contained in the attached files of unusual and unexpected emails.

Its variant, "extortionware", blocks an online account and threatens to expose your personal data if you do not pay the ransom.

Scam by emotional manipulation

Scammers create fake profiles on dating sites and social networks using photos of men or women recovered from the internet. These scammers are skilled in computer tools, image editing, and also use pre-recorded video flows on their webcams. They then engage in correspondence, sometimes for months, to gain the trust of their interlocutor. Once trust is established, they invoke a reason to extort money from their victim. Examples of reasons invoked: a request for help to buy a ticket to visit them, for a family member who has fallen ill or been injured...

Scammers can also ask you to cash a stolen check in exchange for a transfer of money or prepaid cards. The stolen check being rejected, the blame and responsibility will fall on the victim scammed.

Be vigilant:

Do not send money to someone you cannot verify the identity of;
Do not disclose your bank coordinates to people met on the internet.

Sometimes, exchanges take place during a video conversation and become more "intimate". The images collected are used by scammers for blackmail, extortion of funds in exchange for their withdrawal.

Fake appeal for help from a friend

If you receive an email from a friend asking you to send money, it may mean that their email address has been hijacked. Scammers try to make you feel sorry for them by invoking an attack or a theft requiring your financial help. The only way to be sure of the situation is to call them, even if the message asks you to respond only by email.

Scam to sell between individuals

If you are a seller, be wary of buyers who are in a hurry to buy your item without trying it. This is often a technique to gain your trust and obtain your bank coordinates.

If you are a buyer, be wary of offers that are too attractive. Scammers sell or rent items whose photos are the only thing they have. Any wire transfer made is irrevocable and definitive.

Scam to gain

You receive the announcement of an inheritance, a gain, or an unexpected source of income? Such news rarely come by email. Be wary of documents presented or sent to you. Moreover, any request for identification documents, domicile, IBAN, or payment of fees is suspicious and fraudulent in this context.

In a company: scam to the president or supplier

Usurpation of the president or a company executive: the purpose of the scam is to encourage an employee to make a transfer, outside of any procedure, by invoking the imperatives of discretion and confidentiality;
Usurpation of the supplier or lessor: here, the scammer pretends to be a regular supplier and claims to have changed their banking address.

It is essential to establish and respect strict procedures for all transfers. Verify the information provided and consult your usual contact, without taking into account the contact means indicated in the suspicious message.

In a company: fraud on transfer following the update of a software or false it test

This type of scam was created with the implementation of the SEPA standard but remains current: after studying the company's functioning, the scammer usurps the identity of a bank employee and contacts the company's accountant. He asks him to perform operations in the framework of "tests" that are actually real transfers.