Welcome to the Geek Choice Blog

About two months ago, I got my first Facebook phishing email. It asked me to click a link so that I can change my Facebook password. You know, for my ‘security’.

Well, this one was an immediate red flag to me for the following reasons:

1)   I’m not an active Facebook member at all and the email address that was used to send me the message was an account I was SURE I had not used for opening a Facebook account.

2)   The message style of the email was very unprofessional. It said this:

Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.

Thanks,
Your Facebook.

First of all, “Dear user of facebook”? Come on.

Plus, the fact that the word facebook was not properly written (Facebook) was another red flag.

3)   Attachments are major red flags too. Even if it was only a link to change the password I would not immediately click it. So an attachment, something for me to download on my PC, is definitely a red flag.

It didn’t take long for my doubts to be proven true. Tons of articles online soon appeared stating that Facebook password reset confirmation emails were a fake. Good thing I didn’t download the attachment and have malicious software invade my PC!

If you get this email or other phishing messages, here are a few more of those ‘red flags’ you should be aware of.

• If you are asked to provide passwords, personal information, or credit card details, be weary.
• If you are addressed as “dear user” instead of “dear [your name]”. With the latter, it at least signifies that some time ago you may have signed up for their product or service (because they have your real name).
• If the email is poorly written with many grammar errors, it’s probably a phishing email. This is because professional organizations will almost always take the time to craft professional looking messages to their users / subscribers.

As a way to AVOID getting phishing emails, ensure that your antivirus software is always updated. Most of the time, these malicious emails will have a word or two in them that will trigger your antivirus program to issue a warning message about the email or move the message altogether to your Junk or SPAM folder.

Make sure your firewall is always turned on too!

If you’re a user of Twitter, that social networking phenomenon that depends upon succinct bursts of information from its community of members, you might be at risk of having your password compromised.

Twitter has begun issuing alerts to certain users, notifying them of the need to change their password. It reads as follows:

“Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset.”

This is in response to phishing attempts that have resulted in users unwittingly surrendering their login information to hackers.

Phishing refers to a process where unscrupulous sorts set up a bogus login screen that dupes unsuspecting users into giving their user name and password away. The phishers then use that compromised account to send messages to other users, using the same scheme.

Aiming to thwart a recent series of phishing scams, Twitter has been informing users that they should change their password if they happen to be following an account by the name of @THCx. It’s suspected that this account may have been created for the purpose of phishing for passwords.

Geek Choice advises you to be very mindful of who you share information with. When logging into ANY account, always make sure to look at the url located in the address bar. Should there be anything that looks peculiar, it’s possible that it’s not the actual site you wish to log into.

Stay vigilant and protect yourself.