You’ve heard time and time again to be careful on the internet. Don’t open emails from people you don’t know. Don’t click links if you are unsure of where they go. Don’t open strange looking attachments. You might be thinking, “OK, I get it! I’ll be careful.” Unfortunately though, the more scams people become aware of, the more new scams we get. We have to be constantly aware of new techniques people are using to try and affect your data.
One of the ways people are attempting to gain your sensitive information is through phishing. Wikipedia defines phishing as a way of attempting to acquire sensitive information by masquerading as a trustworthy source in electronic communication. Phishing has been around for quite a while. With social media becoming a popular means of communication, phishers are finding even more ways to try and collect information.
When you’ve been phished, likely everything will look very legitimate. The site will have the logo of a well known company (such as Facebook or Linkedin), in some cases a copyright statement and maybe even a confirmation email stating your changes were successful. Everything will look like you’d expect it to look, but what goes on behind the scenes is anything but!
Instead of changing your account information, or updating your password, or validating your account, your account information, including username and password, have likely just been saved in a database, where it could be sold to a variety of different companies. Most of these companies are overseas, so US privacy laws do not apply. It could be hours, days or months before the information is used or sold and you probably won’t even know it happened. That is the real scary part!
|An example of phishing. This email appears to be from Linkedin|
Instead of attacking your email accounts, phishers are using your facebook, twitter and other social media profiles as a way to get data. It’s important to be aware of these new techniques when browsing your social media profiles. Phishers have the ability to mask their identity with the identity of your friends. Have you ever seen one of your friends posting links to crazy products on their facebook page? Have you received messages from people you don’t follow on Twitter with links included in them? Have you ever gotten a message on Linkedin that looked a little off? All of these are forms of phishing.
Unfortunately, there’s no real way to prevent phishing from happening because the methods phishers use constantly change. What we can do though, is become more aware of their practices. Be more aware when clicking on links, delete messages that you believe are a form of phishing and let your friends know if you think their social media profiles were compromised. By being more aware, you can reduce the risk of your data being compromised due to phishing.