Dear Sir or Madam,
First I must solicit your confidence in this transaction. This is by virtue of its nature as being utterly confidential and top secret. We are top officials of the Federal Government Contract Review Panel who are interested in importation of goods into our country with funds which are presently trapped in Nigeria. In order to commence this business we solicit your assistance to enable us RECEIVE the said trapped funds ABROAD. For your kindly assistance we can reward you with the sum of $14 million...
I think it's safe to say we've all received an email that started off something like this. Conveniently, I usually only find scams like this floating among other bogus offers in the abyss of my spam folder. Unfortunately, Google says you might start seeing offers like this in your inbox—and sent from your friends' addresses.
Basically, not very many people are falling for the rich Nigerian prince ruse anymore. Though, the fact that anyone is still falling for it is pretty depressing. Anyhow, to make phishing scams like these seem legitimate, scammers are now sending messages from the hacked accounts of your friends.
This means many spammers are turning into account thieves. Every day, cyber criminals break into websites to steal databases of usernames and passwords—the online "keys" to accounts. They put the databases up for sale on the black market, or use them for their own nefarious purposes. Because many people reuse the same password across different accounts, stolen passwords from one site are often valid on others [Google].
Google has a ton of great info on their blog, but the gist is, if you're prompted to change your password, do it. And no, "password", "123456", and "myownname" are not acceptable passwords. Your best bet is going to be to keep a different password for each site or service you use and use a client like 1password to manage them. That way, even if say, your Facebook password gets leaked, your email and other accounts will still be safe.
 |
| This is Eddie Murphy, not a Nigerian prince. But he's more likely to send you vast amounts of money than the guy in your inbox. |
Basically, not very many people are falling for the rich Nigerian prince ruse anymore. Though, the fact that anyone is still falling for it is pretty depressing. Anyhow, to make phishing scams like these seem legitimate, scammers are now sending messages from the hacked accounts of your friends.
This means many spammers are turning into account thieves. Every day, cyber criminals break into websites to steal databases of usernames and passwords—the online "keys" to accounts. They put the databases up for sale on the black market, or use them for their own nefarious purposes. Because many people reuse the same password across different accounts, stolen passwords from one site are often valid on others [Google].
Google has a ton of great info on their blog, but the gist is, if you're prompted to change your password, do it. And no, "password", "123456", and "myownname" are not acceptable passwords. Your best bet is going to be to keep a different password for each site or service you use and use a client like 1password to manage them. That way, even if say, your Facebook password gets leaked, your email and other accounts will still be safe.
No comments:
Post a Comment