Find My Phone is a great security feature that allows an iPhone owner to remotely lock his or her device should it be lost or stolen, thereby securing all the data on the phone and rendering it useless without the entry of a security code. But, problems arose for the Aussies when a hacker going by the name of Oleg Pliss somehow obtained usernames and passwords, and locked the rightful owners out. Apple says it has not been the victim of any security breach and suggests that credentials were gained either by phishing or because of password reuse.
Phishing attacks are just a modern form of film flam and trickery. A scammer sends an email that looks authentic, and the dupe dutifully responds with all kinds of information that is best not shared with bad guys. Phishing can be thwarted by never clicking on links in emails. If a legitimate web site needs information from you, you will be able to find their inquiry on their website. If you get an email asking for any information:
1. Make note of what website it is supposedly from.
2. Delete the email.
3. Go to the subject website by opening your browser and using your own bookmark. If you do not have a bookmark, enter the URL for the website you are trying to reach, or use a trusted search engine to bring you to the genuine site.
4. Log in and look for a message to you.
Follow this method for dealing with emailed information requests and you will avoid falling prey to almost all phishing attacks.
I've discussed Password Reuse before. In a word, it's bad. If you use the same username and password at more than one site, once a hacker gets information from one web site breach, he has access to every account you have that uses that username/password combo.
No comments:
Post a Comment