According to our friendly Aunt, Wikipedia, Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. This is similar to Fishing, where the fisherman puts a bait at the hook, thus, pretending to be a genuine food for fish.
And since I’ve seen a lot of Phishing Pages here on Tumblr, I thought It would be nice to make an article about it.
In simpler words, Phishing is simply a way of “hacking” where people make up a page that looks like a certain page so they can get information from you. For example, some Tumblr users make pages that looks exactly like the Tumblr Log in page. They then send a link to everyone and when other Tumblr users visit this page, they would think they’ve logged out because they’re in the Log-in page. As a result, they “log-in” on this page. What they don’t know is once they typed in their passwords and Email addresses and pressed the log-in button, these are sent to some email where the owner of the page can read the email address and the password. As for the one who thought he’d logged in back again, all that has happened is he was redirected to his dashboard. And he would never know what happened until some spam posts appears on his blog.
So how do we prevent getting Phished? Here’s a list:
- Always check the address bar if you think you shouldn’t be logged out. The real Log out page URL should be tumblr.com/logout. There’s nothing in between those like jessica.tumblr.com/logout or tumblr-asdf.com/logout.
- Don’t click links on spam posts. Spam posts usually say something about a girl who posed naked, a girl who cut and posted pictures of herself, an iPad raffle/giveaway, or something like that. I’m not saying all posts that are like this are spam posts. But be careful and always check the URL.
- Once you see posts on your blog that you didn’t post, change your password immediately. Phishers only rely on the data you sent so changing your password would instantly prevent them from doing anymore harm.
- Do not Reblog the Spam post to prevent other users from clicking the link.
- If you think someone’s been Phished, don’t hesitate to tell them what’s going on. Tell them to change their passwords and to delete the spam posts.
Phisher’s don’t usually do much harm other than posting stupid stuff on your blog or (possibly) changing your password, but you can always get a way around it. They’re usually busy posting stuff on your blog that they don’t think about changing your password. If they do though, you can always, click that “forgot password” on the login page.