Google+ invites…round two.

I actually got an offline comment from someone regarding my blog post yesterday. They asked why I hadn’t mentioned actual hackers who collect email addresses for phishing schemes.

While I actually thought my subtle coverage of this subject by capitalizing random letters throughout the early paragraphs of the post to spell out the word PHISHING had this taken care of, with my postscript adding to it, I guess not all five people who read my blog caught it.

So, I thought I’d cover the thing in a less subtle way, to let my thoughts be known.

Publishing your email address on the internet does not make you more likely, in any way, to be the victim of a phishing or spearphishing scheme. In this case, since you requested the Google+ invitation, it would be spearphishing.

Your policy of clicking on links in any email you get makes you subject to phishing attacks.

In my earlier analogy, I compared your email address to being like your house address in the physical world.

People knowing your address does not make you more vulnerable to people coming into your house. If you have a policy of letting anyone who knocks on your door into the foyer, though, that’s a different matter.

So, I was well aware that phishing attacks were going on using Google+ invites as their entry gambit.

All I’m saying is that publishing your email address isn’t what makes those attacks effective. Clicking links in email does. In my opinion HTML does not belong in email. If you get an email about a Google+ invite, or anything else for that matter, go to the site yourself. Sign in on their verified HTTPS page, and see if the invite is waiting for you on your account. If it’s not…well, you might want to look at that email a little harder.


~ by Benjamin Kenneally on July 2, 2011.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: