TopNav (3K)

GoozerNation2 (5K)

HS1image (1K) HS1image (1K) HS1image (1K) HS1image (1K)

Amy Nelson, Associate Writer

Going Phishing On Twitter (or Facebook, or MySpace, etc.)

The headlines are all over the place lately, it seems. "Reports: Phishing attack hits Twitter"
"Facebook Hit By Phishing Attack For a Second Day"
"Spammers Running Wild In Latest Myspace Phishing Attack"
"Massive Fish May Kill Off Phishing Business For Charter Captains"

Phishing is everywhere, or so it seems. Evil phishermen are sitting at their computers as we speak. They await your slightest status update to swoop down and hijack your account, thus gaining access to all your social networking information, and—via your "friends" or followers" list—access to your contacts as well. Horrors!

The way I see it, this really isn't as big a problem as they make it out to be. I base this purely on the fact that I have several social networking accounts, and no one has ever phished me. This is due in part, no doubt, to the fact that I am not an idiot. I do not click on links in emails that say, "Your account has been compromised. Please you to change password here." I do not make personal information public for all to see. I am not a "friend whore" who accepts invites from people I've never met in a hopeless attempt to validate myself via an inflated friends list. What is up with that, anyway? You know they aren't really your friends, right?

But I digress. The main thing to remember about phishing and social networking is it can be avoided by taking some basic steps to protect your account. When you wish to sign into your account, enter the address yourself. Surely there is no longer any need to say this, but just in case: DO NOT CLICK ON EMAIL LINKS. Many phishing scams use URL's that look similar to the real site. Just because it has "twitter" or "facebook" in the URL does not mean you are at the right place. Type it in yourself.

Don't enter your private information into pop-up windows. Legitimate sites do not use pop-ups. Pop-ups are the junk mail of the Internet, and are rarely anything to be taken seriously. One way to avoid this problem altogether is to use a good ad-blocking program, many of which are free add-ons to your existing web browser.

Do not allow countless useless apps access to your account. Do you really need an account to remind you that is your sister? Or one to tell you that it's your brother's rommate's sister's birthday? No? Then don't allow them.

Do not accept every friend or follower request you receive. Examine each request to see if it is someone you know and actually care to follow. Not sure if you know them from somewhere? That's a pretty good sign right there, but you can always send a private message asking how you know them before you accept.

If you suspect you are being phished, or God forbid you actually clicked on one of those "Click here, I'm not bad, really" links and entered your information, you need to report it.

Phishing emails can be forwarded to spam@uce.gov and to the company that is being impersonated. You can also send those emails to reportphishing@antiphishing.org,which is the Anti_Phishing Working Group. If you suspect any personal information has been stolen, you can report it to the FTC's personal identity theft division here: ftc.gov/idtheft

You no longer need to quake in fear every time you check your tweets or your status updates. Just stay smart, follow basic Internet safety guidelines, and report anything that looks off. Remember, phishing=bad, fishing=good. Unless you're a member of PETA. Then I think it's the other way around.

averyzoe