A simple habit that safeguards your data and money online.

Imagine unlocking your front door without checking who is ringing. You open it to a stranger pretending to be a neighbour, a delivery person, a technician. Online, this is exactly what happens when you click on a link without verifying the website address. A single letter changed in the URL — "paypa1.com" instead of "paypal.com" — and you have just handed your banking details to a scammer. What was meant to be a quick payment turns into a months-long administrative nightmare to recover your money.

📖 How to read this guide?
It is divided into 3 sections: first the key threats, then the technical workings, and finally complete mastery of the subject. Stop wherever you need based on your necessity.

The threats: When a single letter changes everything

Every day, millions of links circulate in your emails, SMS, and messages. Most are legitimate. But it only takes one fraudulent link to turn your life into administrative hell.

Bank phishing: The €5,000 trap

You receive an email that seems to come from your bank. The logo is perfect, the tone professional, the message urgent: "Suspected activity detected on your account. Click here to secure your access." You click. The website looks exactly like your bank's. You enter your credentials, your card code, your phone number. Within 48 hours, €5,000 disappears from your account.

In 2020, a wave of phishing targeted clients of several French banks with emails perfectly mimicking official communications. Victims were redirected to sites like "creditagrico1e.fr" instead of "creditagricole.fr" — note the "1" instead of the "l". These attacks resulted in average losses of €3,200 per victim according to ANSSI. The worst