Watch out for Heartbleed password change phishing emails

heartbleed-phishing

A few days ago we discussed the Heartbleed flaw that was causing many people headaches as it potentially allowed scammers to access personal information, such as passwords.

Many of the web services that could have been affected by this – and there were many – have been urging users to change their passwords, just in case their accounts were compromised.

This means that there are more than the usual number of emails floating about cyberspace from companies to their users requesting users change their passwords.

This presents scammers with an unusually effective way to go phishing, since scammers can send their own emails with much more nefarious purposes.

Think about it, you see an email from, let’s say Yahoo, and it says that because of all this Heartbleed nonsense that you need to change your password, and inside the email is a link to go to your account settings to change it.

You, like most people, have heard of the Heartbleed scare and thus believe the email. You click on the link and change your password, which of course usually requires entering your existing password followed by the new password.

The only problem is that the email you got wasn’t from Yahoo. It was from a scammer. The link you clicked directed you to a spoof website that looked like Yahoo and has just stolen your password, and thus potentially given a scammer control of your Yahoo account.

So whilst there will be legitimate emails asking you to change your password, there will also be counterfeit ones as well. To avoid this whole problem, avoid clicking on links inside the email and navigate to the website directly. Something that we recommend doing any way to avoid phishing scams.

Have you seen a Heartbleed “password change” phishing scam yet? Let us know.

Keep up-to-date with all our latest articles. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)