Category Archives: Phishing

Social Network Emails – Your account may have been compromised – What to do.

Posted on by
Reply


zendesk

Users are still concerned after receiving emails saying that their accounts might have been compromised or the one entitled –  Important information regarding your security and privacy from social networking sites –  Twitter, Tumblr and Pinterest.

The problem arose when Zendesk  who store and organise emails for customer support and help desks for these social networks had their systems hacked. Zendesk believe that during the security breach personal information such as email addresses linked to these platforms may have been downloaded by the hacker.

Quote from the zendesk blog 

We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response.

This will only affect you if you have emailed customer support at Twitter, Pinterest and Tumblr – which most of us have at some point. I imagine if you have then that is why you have received an email warning you of the breach. – There is no indication that passwords have been stolen at all.

So, I don’t think there is much to worry about here – if you are concerned you can change your passwords, in fact if it has been a while since you changed your passwords on these or any accounts then maybe you should anyway.

Phishing Scam

What we need to watch out for are bogus emails pretending to come from these platforms asking us to change our passwords with a link that looks like it comes from the social network itself. This is how hackers will then hack into your accounts with a Phishing scam email.   Sites like this never ask for your passwords via email, so it will be easy to spot if you do get a Phishing email.

Never, click links in emails like this – always – If you want to change your password – go directly to the site and click on change password.

How to change your passwords

For Twitter 

Click the cog – settings – password (on the left)

For Tumblr 

Click the Cog.

For Pinterest

Hover over your username – click settings and then Change Password.

 

Hope that helps

 

Yahoo Email Phishing Scam – Account Exceeded Limit.

Posted on by
Reply

Account Exceeded Limit

A Yahoo email phishing scam is being sent to our in-boxes again.  The email looks like it comes from Yahoo admin and informs you that you need to upgrade your account as you have exceeded your limit of 30GB or you will not be able to send or receive email.

This is a phishing scam.

 

What is a phishing email

We have seen many of these on social networks lately – there have been phishing scams on Twitter, Hotmail, Facebook, and many more, and the object of the hackers game is to fool you into giving them your personal information, such as username, password and even worse credit card details. These scams don’t always come via Email it can be on instant messages or private messages on various networks. Once you give this information, they have control over your account.

How can we tell its an email scam

As luck would have it – I knew instantly that this was fake basically because I rarely use this account and never save anything there, I’ve probably used 30kb not 30gb;  Another tell-tale sign is that cyber criminals almost never put your name its usually to the account user, this is because the same email has been sent to hundreds of other people. Often the spelling is bad and its usually a threat to scare you into acting right away.

You can easily see that the email is not from Yahoo when you click to upgrade – you will notice that  URL in the address bar its not Yahoo but a website called Livresetsen.be this is where you will be sending the information when you click the link.

Sometimes this URL will be changed to something that looks real. It could be that the link itself could contain malicious software, you may be able to hover your curser over this link to reveal the real one.

The best thing to do if you get anything at all asking for your password via email is first Google it, if you can’t find anything about the scam, then contact company that you believe it is – via their numbers/emails on their website and ask them directly.

What to do if you have been phished

from the Yahoo Security page……

Help! I think I’ve been phished!

If you think you’ve given confidential personal information to a phishing site, then follow these guidelines to help prevent your information from being used illegally by fraudsters. Do not delay — fraudsters can move quickly to take over your account and do substantial damage.

I think my Yahoo! ID was phished!

If you think you entered your Yahoo! ID and password at a phishing site, then follow these steps:

  • Change your Yahoo! password immediately. Here’s how:
    1. Type profiles.yahoo.com in your browser’s Address bar.
    2. Sign into Yahoo!.
    3. Click on the Account Info tab.
    4. Enter your current password.
    5. On the Account Info page, click the Change Password link near the top of the page and follow the instructions.
  • If your password no longer works, tell us so we can start the account recovery process.
  • On the Account Info page, verify the rest of your account information; be sure any contact phone numbers or secondary email addresses are correct.
  • On the Account Info page, go to “Update password-reset info” and change your questions and answers.
  • Report the phishing email or web site that tricked you!

Do not give out your email or password easily – it might not just be an email phishing scam, watch out for anything that asks for personal information – For instance: It could be a popup on your PC that says you have viruses and need to scan your PC thats when they say its going to cost you to remove it.  Links in Pop ups to me are the same as Auto DM’s in twitter with links, avoid like the plague.  Do not click.

Hope this helps – be careful out there :)