Security Tip of the Week - r/Cybercriminals: Spear Phishing

In a recent spear phishing attack, cybercriminals sent fake emails disguised to trick Reddit employees into sharing their credentials.

Reddit, a popular online community, was the latest victim of a spear phishing attack. Spear phishing is a targeted email attack that looks like it’s from a trusted source, but it’s actually from cybercriminals in disguise. 

In this recent attack, a cybercriminal set up a fake website designed to steal login credentials. Then, the cybercriminal sent phishing emails to Reddit employees. The emails prompted employees to visit the fake website and enter their credentials. Through this attack, the cybercriminal was able to access sensitive information from Reddit and steal internal company data.

Follow the tips below to stay safe from similar scams:

• Make sure that the sender is actually who they say they are. If the sender claims to be someone you know, reach out to them in person or by phone to verify. 
• Remember that spear phishing attacks can happen to anyone. Think before you click, and never click a link in an email that you aren’t expecting. 
• Be careful with the information you share about yourself online. Cybercriminals can use this information to target you in phishing attacks.

Stop, Look, and Think. Don’t be fooled.

KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.

DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.