Security Tip of the Week – Blue Checkmarks are the Perfect Phish Bait

by Michaela Kunkler

Have you ever noticed the blue checkmark on your favorite celebrity’s social media profile? This checkmark shows that the person has provided documentation to verify their identity. Verification helps you know a real account from a fake—but this tool isn’t just for celebrities. Whether you have a personal social media account or manage one for your organization, being verified can be a great benefit.

Keller Schroeder Security Solutions Group Logo

To become verified, you are required to provide sensitive information which, unfortunately, makes this process the perfect bait for a phishing attack. Cybercriminals spoof popular social media platforms like Twitter, Instagram, and YouTube by sending out fake verification emails. The emails include a link that, when clicked, takes you to a convincing verification form. Here you’ll be asked for things like your username, organization, password, gender, and more. Anything entered on this page is sent directly to the bad guys.

Stay safe from this fake verification scam with these tips:

  • This attack exploits the feelings of excitement and validation that comes with becoming verified. Don’t let the bad guys play with your emotions. Think before you click!
  • Never click on a link within an email that you weren’t expecting.
  • When an email asks you to log in to an account or online service, log in to your account through your browser—not by clicking the link in the email. That way, you can ensure you’re logging into the real website and not a phony look-alike.

Stop, Look, and Think. Don’t be fooled.

KnowBe4 Logo - Keller Schroeder Vendor PartnerKnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.

DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.