Heartbleed ~ Watch out for those phishing emails!


Although it only happened last week the Heartbleed security bug – which placed millions of people’s passwords at risk – may seem like old news now, such is the world we live in. Even though the bug has now reportedly been fixed by the developers of the OpenSSL security system however, there is still a potential danger to the public that could go on for some time yet and that is the danger of phishing emails.

What is a phishing email?

If you use your email service a lot then you will have likely noticed a ton of emails last week from social networks and other online services you are signed up for all asking you to change your password, after clicking the link provided of course. The problem is that not all of these emails are legitimate. The illegitimate kind are known as phishing emails and these are sent out by online fraudsters in an attempt to gain access to your online accounts. But if the link is taking me to the website of my bank or social network, how can these online fraudsters get my password?

How fraudsters can obtain your password by phishing

So here’s the really clever bit. Not only do the emails sent out by these online fraudsters look as though they are being sent from a legitimate source but the links contained within these phishing emails also take you to a fake website set up by the fraudsters, a website which often looks identical to that of the bank or social network you use. This website may look identical but it isn’t. The criminals have often set up and designed the website to look identical to the original one, purely for the purpose of obtaining your passwords, both old and new.

Will my Antivirus software protect me?

If you use your email a lot and you receive lots of these emails then you will probably pick up on discrepancies between the usual emails you receive and the phishing emails. Also if you have some good antivirus software installed then it will often give you a warning signal, flag the email in some way or simply put it straight into your junk folder. Even antivirus software isn’t fool proof though and humans certainly aren’t, so what else can you do to protect yourself?

Be sceptical of any email

Personally – as legitimate as they may seem – I’m sceptical of any email I receive which is asking me for personal information or anything related to my password. As we know that antivirus software can be fooled from time to time, the only way to truly protect yourself from phishing scams is to treat any email which asks you for personal or password information as a scam. Don’t ever click the links in these emails. If you receive an email from a supposed “company” asking you to change your password then make sure you change it by visiting the website directly, either by typing the original website URL into your address bar (not the URL in the email!) or by searching for the company via Google. Don’t ever click the links within an email unless you are 100% sure that it is legitimate.

Do I need to change my passwords because of Heartbleed?

The short answer to this is yes. It’s better to be safe than sorry, right? You should really change your passwords on a regular basis anyway so why not use this as an opportunity to do so? Just make sure that when you change them you do so by visiting the websites directly, not via an email that could quite well turn out to be a scam or phishing email.

Have you ever been fooled by a phishing email?  

6 Responses to Heartbleed ~ Watch out for those phishing emails!

  1. “…Be sceptical of any email…” Absolutely! I’m always cautious with these, especially of those that ask for passwords. Like you said, if you need to change a password simply go directly to the site. Don’t link to it through the email.

  2. I got one from Pinterest the other day! Changed my password, but not through the link they emailed me. Change them regularly anyways.

    • Adam Buller says:

      I’ve had loads Femme, Pinterest, Tumblr and many more. I think the danger can be that – due to the volume – you become complacent and just start clicking even though you know you shouldn’t.

  3. It amazes me that even today people will open up an email from an unknown person and click on a link, or open an attachment. Just, NO. Stop that! 🙂 I guess I haven’t paid much attention to the heartbleed bug, and thus haven’t done anything with my passwords….I guess I probably should.

    • Adam Buller says:

      I know Brock, you’d think we’d have all have had enough bad experiences by now to just stop doing it wouldn’t you. I won’t go anywhere near those links nowadays.

Leave a Reply

Your email address will not be published. Required fields are marked *