Even when we should know better, sometimes we let our guard down online.  This last week, I got phished.  Phishing is when malicious users trick you (sometimes even without realizing it) into giving them sensitive information like usernames, passwords or credit card numbers.

This last weekend, I saw a post on a friend’s Facebook wall, by someone I’ve seen post there before– so I recognized their name, and thought I could trust them.  They were letting our mutual friend know that Southwest Airlines was giving discount coupons away on their Facebook page, and provided a short-link.  It looked legitimate.  “Wow!  Cool!” I thought, “I fly Southwest sometimes, that would be great!”  So I clicked the link.  It “hung” and never seemed to go through– I was mildly disappointed and gave up.

Of course, what had happened before I did that, was that the friend-of-a-friend (the one posting on my friend’s wall) had also done the very same thing, and when they did it– and when I did it — that action gave the malicious phisher access to my Facebook username & password.  Most likely the phisher has this all automated, so that very soon after I gave away my info, all my friends started getting the same fake messages on their walls.

Sometimes, the phishing attempts are clumsy and clearly not on the up-and-up, but other times, they look very legitimate.   The phisher/hacker is all about trying to get you to click the link or send the email.

Do they just do this for kicks?  No.  The phisher/hacker is hoping to gather enough information to perpetrate identity theft so they can make money.

If you’ve been phished, what should you do?   On social media like Facebook and Twitter, it usually is enough to simply change your password.  This will hopefully get the hacker & their bots out of your account.   You may need to click a “forgot my password” link to get your password reset.  This normally generates emails to the email that you used in creating your account, which is a good way to keep track of changes to your account.

While I hope we can all avoid being phished, if you’re online much, it’s almost unavoidable.  Hopefully, now you know what to do.  Anyone have phishing stories to tell in the comments?


4 Responses to Phished!

  • LeAnn says:

    Facebook now has a new feature which allows you to track if a new computer uses your account. I have signed up for it. It is a pain as I use two different computers at home and two in the office, but I now know if someone else logs on somewhere else. It is under Account Settings/Account Security.

  • Tom N says:

    This has become so incredibly common. The criminal element has gotten very good with the whole online thing.

  • Sometimes it might be a good idea to change the email associated with your Facebook account, too. I wouldn’t be surprised if some phishers have a way to get your email, too. But that could be me being paranoid.

    Caution is key. Thanks for sharing your blunders with honesty. Makes me think twice about who’s sending what and why.

    Elisa Michelle

  • Rodger Ling says:

    The real problem is that simply clicking a link could ever allow access to your account information without further authorization. I’ve never quite understood how the coders pull that off.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Constant Contact

Constant Contact


Christian churches may be interested in the resource Spiritual Formation Newsletter Content, and online resource that makes available short articles on spiritual formation appropriate for email newsletters.