A phishing attack takes place when an unsuspecting victim receives an email from a company that looks genuine. It might have a company logo on it and look genuine. But these missives are attacks in disguise designed to get the victim to tap on a link which will start a process that will result in your device getting infected by malware. In the worst-case scenario, the attacker can then take control of your device and get access to your personal accounts including your bank account.
Information belonging to Reddit subscribers and the platform itself were not compromised
Reddit notes that the attacker did not break into the firm’s primary production systems which is where the social media company stores most of its data and the stack that runs Reddit. The attacker did have access to contact information for a limited number of companies and current and former employees. Also exposed was limited advertiser information.
Reddit was the target of a phishing attack
The Reddit post announcing the details of this breach makes it clear that the data belonging to Reddit subscribers was not accessed by the attacker. The company spokesperson wrote, “Based on several days of initial investigation by security, engineering, and data science (and friends!), we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online.”
“Similar phishing attacks have been recently reported,” Reddit wrote. “We’re continuing to investigate and monitor the situation closely and working with our employees to fortify our security skills. As we all know, the human is often the weakest part of the security chain.”
Reddit gives a couple of suggestions to secure your account
Reddit says that the best way to protect your Reddit account is to set up two-factor authentication (2FA) which adds an extra layer of security to your Reddit account as it requires you to enter a code that is sent to your phone to access Reddit. To do this, you need to go to your Reddit account on your computer and follow these directions:
- Click on your username in the top right of your screen.
- Select User Settings and click on the Privacy & Security tab.
- Under Advanced Security, you’ll see the Use two-factor authentication control. To enable it, click the toggle to on.
- Next, enter your password and click Confirm.
- Follow the step-by-step instructions to set up your authentication and don’t forget to save your backup codes.
- After setup, you may be asked to log out and log back in to your account. Moving forward, you’ll need to enter a 6-digit code from your authenticator app every time you log in to Reddit.
If you’re worried about the security of your Reddit account, you might want to follow the aforementioned suggestions.