A large number of French people work remotely, and all use tools specially designed to facilitate remote exchanges. And cybercriminals have understood this well.
While some companies decide to reverse course, returning to a face-to-face organization, the practice of teleworking still remains largely normalized in France. Having become a habit since the confinements of 2020, the fact of being able to work remotely, at least a few days per week or per month, is a criterion of choice for many employees. According to the 2025 barometer from the recruitment firm LinkingTalents, more than 63% of French people work remotely, and more than one in two people believe they can no longer do without it.
Reduction in travel time and transport-related expenses, better balance between professional and private life, greater concentration and autonomy, flexibility in working hours… For employees, the advantages are numerous. But a new threat is now targeting these home workers: a phishing campaign, spotted by cybersecurity researchers from the company Netskope in early February, uses IT tools used for remote work. Scammers can then block your access, take control of your computer and collect all your sensitive data, from company information to your banking details.
Everything goes through videoconferencing applications, which all teleworkers use on a daily basis to communicate: Google Meet, Microsoft Teams and even Zoom are concerned. Cybercriminals impersonate your company to send an email invitation, asking to join “an urgent meeting”. The trap is almost undetectable, because the link redirects to an extremely faithful copy of your usual video platform. But that’s where the scam starts: a message appears, indicating that your computer does not have the latest version of the software, and that you must therefore install an update to be able to access said meeting. Problem: by clicking, you will not download the real update… but malware allowing criminals to take control of your device.
This is a remote management tool that bypasses company security filters, and will allow them to access all the data on your computer without triggering an alert. Once inside, they can then navigate wherever they want, and even you completely cut off access. “Even more serious, attackers can easily distribute more powerful malware throughout the environment, transforming a simple compromised device into a large-scale intrusion into the enterprise.”reports Netskope. In short, cybercriminals can deploy other malware throughout your company’s internal network.
To protect against this, there is unfortunately no miracle solution, apart from the basic cybersecurity instructions: always check the sender of an email inviting you to a virtual meeting and never click on a link if in doubt. The simplest thing is to send a message directly to the person concerned to confirm, or not, that this famous meeting will take place.
