Just last week it was announced that hacker attacks using phishing scams and malware have surged 400% this year's tax season alone. We've told you in the past how to spot and avoid these types of emails but, sometimes a hacker manages to send the right fake email to the right person, and they get everything they want. Major tech company Snapchat found that out the hard way.
Snapchat, the popular self-destructing picture-messaging app, has admitted that an employee has fallen for a personally targeted and isolated phishing scam that put hundreds of Snapchat employees at risk of identity theft.
According to the Official Snapchat blog, here's what happened:
Last Friday, Snapchat’s payroll department was targeted by an isolated email phishing scam in which a scammer impersonated our Chief Executive Officer [Evan Spiegel] and asked for employee payroll information. Unfortunately, the phishing email wasn’t recognized for what it was–a scam–and payroll information about some current and former employees was disclosed externally. To be perfectly clear though: None of our internal systems were breached, and no user information was accessed.
The company also said that it had notified the FBI within hours of the incident occurring and reiterated that its servers had not been breached and all its users data is still safe - the incident only involved current and former employees. And luckily, the duped employee spoke up.
To try and help right the wrong, Snapchat is offering employees two years of free identity theft insurance and monitoring. It said it will also be providing training in privacy and security to its employees in the upcoming weeks.
This is a good reminder that anyone can fall for a phishing email if it comes from the right source or says the right thing. It takes just one mistake for your information to end up in the hands of hackers; and it doesn't even have to be your mistake.