Scams are becoming more and more frequent and take different forms, sometimes very surprising. 10% of police officers were fooled by this new fraudulent email.

This is an anecdote reported by Le Parisien and which says a lot. In the middle of the night, a few days ago, 9,000 police officers received an email with a very attractive announcement in the subject line: “Exclusive allocation of places for the 2024 Olympic Games events”. The email includes the gendarmerie’s slogan: “Our commitment, your security” and assures that the Ministry of the Interior wants to thank its staff by offering them places to attend Olympic events. It is also specified that they will be allocated by “order of registration”. To obtain them, you must click on a link.

5,000 gendarmes opened the email, including 500 who then clicked on the link which led to a page announcing “phishing, phishing, the link you just selected in the email was a trapped link”, allowing them to realize their error. The next day, members of the police received a second email to explain to them that it was an “exercise organized by the RGIF staff”. The Ile-de-France gendarmerie wanted to test the capabilities of its staff in terms of IT security.

10% of the police therefore fell into the trap. However, certain elements present in the email could have alerted them. For example, the sending address was “gendarmerieinterieur-gouv.fr” and not the real “gendarmerie.gouv.fr”. In addition, the text contained spelling errors, particularly in the sender’s name “Directorate General of the National Gendarmerie”. The function of the sender of the email was also incorrect. It was indicated that Xavier Ducept was director general of the gendarmerie, when he is in reality boss of the Île-de-France gendarmes.

The result of this test is rather worrying since it shows that the police, who are supposed to be well informed about scams, are also being fooled by “phishing” (a contraction of phreaking or “piracy” and fishing or “fishing”). in English). A well-known phishing technique consisting of sending emails pretending to be a company or an administration to extract data from Internet users. Enough to further strengthen vigilance among the population.

Fraudulent emails, fictitious places, the forms of scams should indeed multiply as the Olympic Games approach. According to Le Parisien, General Ducept took the opportunity to once again call for the vigilance of the gendarmes: “Let us all be aware, the cyber threat is real and will further increase during the Olympic and Paralympic Games.”

Several good practices were then communicated such as “never communicate sensitive information by email, no administration, serious commercial company, will ask you for your banking details or passwords by email or by telephone”. It is also advisable to “be vigilant with emails coming from the Internet” and “not to trust the name displayed in the sender field”, as cybercriminals are specialists in identity theft.