‘Phishing’ for Credentials
Reddit, a popular online community, was the latest victim of a spear phishing attack. Spear phishing is a targeted email attack that looks like it’s from a trusted source, but it’s actually from cybercriminals in disguise.
In this recent attack, a cybercriminal set up a fake website designed to steal login credentials. Then, the cybercriminal sent phishing emails to Reddit employees. The emails prompted employees to visit the fake website and enter their credentials. Through this attack, the cybercriminal was able to access sensitive information from Reddit and steal internal company data.
Follow the tips below to stay safe from similar scams:
- Make sure that the sender is actually who they say they are. If the sender claims to be someone you know, reach out to them in person or by phone to verify.
- Remember that spear phishing attacks can happen to anyone. Think before you click, and never click a link in an email that you aren’t expecting.
- Be careful with the information you share about yourself online. Cybercriminals can use this information to target you in phishing attacks.