Heartbleed ~ Watch out for those phishing emails!
Although it only happened last week the Heartbleed security bug – which placed millions of people’s passwords at risk – may seem like old news now, such is the world we live in. Even though the bug has now reportedly been fixed by the developers of the OpenSSL security system however, there is still a potential danger to the public that could go on for some time yet and that is the danger of phishing emails.
What is a phishing email?
If you use your email service a lot then you will have likely noticed a ton of emails last week from social networks and other online services you are signed up for all asking you to change your password, after clicking the link provided of course. The problem is that not all of these emails are legitimate. The illegitimate kind are known as phishing emails and these are sent out by online fraudsters in an attempt to gain access to your online accounts. But if the link is taking me to the website of my bank or social network, how can these online fraudsters get my password?
How fraudsters can obtain your password by phishing
So here’s the really clever bit. Not only do the emails sent out by these online fraudsters look as though they are being sent from a legitimate source but the links contained within these phishing emails also take you to a fake website set up by the fraudsters, a website which often looks identical to that of the bank or social network you use. This website may look identical but it isn’t. The criminals have often set up and designed the website to look identical to the original one, purely for the purpose of obtaining your passwords, both old and new.
Will my Antivirus software protect me?
If you use your email a lot and you receive lots of these emails then you will probably pick up on discrepancies between the usual emails you receive and the phishing emails. Also if you have some good antivirus software installed then it will often give you a warning signal, flag the email in some way or simply put it straight into your junk folder. Even antivirus software isn’t fool proof though and humans certainly aren’t, so what else can you do to protect yourself?
Be sceptical of any email
Personally – as legitimate as they may seem – I’m sceptical of any email I receive which is asking me for personal information or anything related to my password. As we know that antivirus software can be fooled from time to time, the only way to truly protect yourself from phishing scams is to treat any email which asks you for personal or password information as a scam. Don’t ever click the links in these emails. If you receive an email from a supposed “company” asking you to change your password then make sure you change it by visiting the website directly, either by typing the original website URL into your address bar (not the URL in the email!) or by searching for the company via Google. Don’t ever click the links within an email unless you are 100% sure that it is legitimate.
Do I need to change my passwords because of Heartbleed?
The short answer to this is yes. It’s better to be safe than sorry, right? You should really change your passwords on a regular basis anyway so why not use this as an opportunity to do so? Just make sure that when you change them you do so by visiting the websites directly, not via an email that could quite well turn out to be a scam or phishing email.
Have you ever been fooled by a phishing email?