Do You Have Any Passwords? Go Phish!

Image courtesy of dariuszka

Phishing scams are becoming more common with the universal spread of social media. One recent victim was a journalist, who used the incident to educate the rest of us (link). Twitter is by far the most fertile ground, due to the often vague messages necessitated by the 140 character limit, and the trend of shortened URLs that mask the true nature of a link.  The best way to avoid the embarrassment and frustration of a phishing scam is to simply NOT click on the link.  Although social networks like Twitter are taking steps to eradicate the spread of malware and spam, the worst can still happen. You may be left to clean up the mess and try to warn your contacts before it spreads too far.

So how do you apologize when you’ve exposed your friends and colleagues to such a nefarious plot?  After consulting with the experts, Suzanne Choney (the aforementioned jounalist/victim!) reported the three rules of etiquette to follow in the event of a social networking scam:

  1. Acknowledge the attack- let everyone who might be affected know that it’s out there.
  2. Give as many details as possible about the language and structure of the scam, providing a word-for-word description if you can (minus the malicious link, of course!)
  3. Caution your contacts to be careful even when they think they know from whom a message is coming.

Whether you’re tweeting your apology or posting to a social network like Facebook, try to include some identifying information, such as a private joke, a nickname only you would know—any sort of personal context. This will give your friends peace of mind that it’s actually coming from you.

And then, please follow your own advice: think before you click.

This entry was posted in Hackers and tagged , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>