The AP: Scammed by a clever phisher

The AP: Scammed by a clever phisher

<p>We would really like to think that we're clever enough to detect phishing e-mails in our inboxes. Many of them are easy to spot. Even so the scam artists behind phishing e-mails are getting better. And this means they're netting some high-profile victims. For example, as Slate recently reported, an especially sneaky phishing e-mail recently created a lot of trouble for the Associated Press, the country's biggest supplier of wire-service news.</p> <p><b>Syrian Electronic Army</b></p> <p>AP fell victim to a phishing scam set up by a group calling itself the Syrian Electronic Army. This group was able to take over the news service’s Twitter account, broadcasting a message that President Obama had been injured in an explosion at the White House. This message was obviously false, it still had a substantial impact, sending the stock market into a brief but precipitous freefall.</p> <p><b>A real news story?</b></p> <p>How did this attack succeed? Hackers sent legitimate-looking e-mail messages to AP staffers directing them to what was said to be an important news story in the Washington Post. The phishing e-mail was professional enough that some AP staffers clicked on it, starting the process that gave the Syrian Electronic Army control over the company’s Twitter account. AP was forced to de-activate its Twitter account as a result.</p> <p><b>Be aware</b></p> <p>It’s tempting to fault the AP for this attack. Even so the true lesson here is that none of us is safe from the savviest of online scammers. Con artists have advanced beyond the times of phishing e-mails packed with horrendous grammar and sent by “senders� with outlandish names. If you want to protect your online life today, you’ll need to be more vigilant than ever. Scammers are adapting. You’ll need to do the same.</p>