Introduction: context and importance of combating phishing
Email phishing is a major threat for companies and individuals in Switzerland. Every day, users in Geneva, Zurich or Lausanne receive fraudulent messages designed to steal card data or any other sensitive information. It is essential to apply security measures and exercise caution when browsing the internet. This content explains how to identify and neutralise these phishing emails and how to protect accounts and payment data.
What phishing is and how it works
Email phishing is a scam in which the sender pretends to be a trusted service such as a bank or an official website. Fraudsters may use phishing sites or falsify a domain name to deceive the recipient. The message may contain links to malicious sites or request card numbers, passwords or access to an email account. Fear, urgency or curiosity are used to push the user to act quickly without thinking.
The warning signs of a phishing email: content and sender
Identifying a phishing attempt relies on several indicators found in the content and in the sender:
- Suspicious sender address often close to a legitimate one but slightly altered
- Spelling or grammar mistakes in the message
- Unexpected links or attachments that may contain malicious code or spyware
- Urgent or threatening requests applying pressure to disclose card data, card numbers or passwords
- Suspicious call or message with the fraudster impersonating the number of an official service
- Unsolicited emails or spam from an unknown centre
In case of doubt, it is recommended to contact the official service or centre directly to verify the legitimacy of the message.
Why detecting and neutralising these emails is crucial
A phishing email can lead to:
- Theft of card numbers, card data and passwords
- Compromise of an email account and access to other online services
- Direct (money) or indirect financial losses
- Damage to the company’s reputation in Switzerland
Detecting and blocking a phishing site before it reaches your employees or customers is therefore essential for any organisation.
Methods and best practices to identify and block phishing: content and doubt
To protect yourself from phishing, here are the best practices:
- Training and awareness to teach employees how to identify suspicious content and act in case of doubt
- Filtering messages and checking links or attachments before opening
- Multi-factor authentication (MFA) to secure account access even if passwords are leaked
- Verification of the domain name and internet address to avoid phishing sites
- Internal procedure in case of doubt by contacting the appropriate centre or service before taking action
These measures These measures apply to all Swiss companies, whether you are based in Geneva, Zurich, Bern, Lausanne, Basel or elsewhere.
Benefits for companies in terms of security and data protection
- Strengthened security for payment data and card numbers
- Reduced financial and legal risk
- Increased customer trust thanks to proactive threat management
Cybersecurity culture integrated at every level of the organisation
SPIE: supporting organisations in preventing and managing phishing threats
At SPIE, we support Swiss companies in combating email phishing:
- Risk assessment and identification of phishing sites and suspicious domains
- Implementation of technical solutions to filter messages and secure internet browsing
- Training and awareness programmes for teams
- Rapid intervention in case of doubt or phishing incidents to neutralise any threat
With SPIE, organisations can secure their services, protect their card data and ensure the continuity of their operations in a complex digital environment.