Snapchat caught in phishing campaign

February 29, 2016

We talk a lot about phishing and how dangerous it is. At times we feel like we may talk about it too much to where people simply say, “yeah, yeah. That will never happen to me, I am too smart to fall for that trick.”

Well every time we start to believe that we’re safe, a new tale comes out about a phishing expedition that has compromised a company. The trophy catch this time was Snapchat. Yes, that Snapchat.

Snapchat caught in phishing campaign

Over the weekend an employee clicked on an email supposedly “from” company CEO Evan Spiegel asking for payroll information, and actually sent the data. Unfortunately for this employee, the email was not, in fact from the guy in the corner office, but rather a criminal hiding somewhere on the web. This attack led to “some current and former employees” being impacted.

Snapchat claims that “None of our internal systems were breached, and no user information was accessed”. Besides, Snapchat luckily has promised two years of identity-theft insurance to people who have been affected and reported the incident to the FBI.

While the incident sucks, it is also a wake up call for the rest of us. Point is that the only reason it is breaking news today is that this happened to that Snapchat. Tomorrow it will happen to some Acme Corporation, Anychester, NJ, and nobody will notice that. It actually happens all the time and everyone is potentially vulnerable.

How to stay protected:

  1. Always make sure the sender is really the sender. Otherwise don’t click any links, and don’t send any information requested. It can be very dangerous.
  2. Install a proper anti-virus. Most security solutions, like Kaspersky Internet Security, can help keep you safe from malicious links.
  3. If you are an employer, download this paper to educate your employees on the danger of phishing.