Nobel Prize-winning economist and New York Times Opinion columnist Paul Krugman appears to have been taken in by a phishing scam, Business Insider reports. In a tweet that’s since been deleted, Krugman stated that his computer security provider had called him to inform him that his WiFi network was being used to download child abuse content.
“Well, I'm on the phone with my computer security service, and as I understand it someone compromised my IP address and is using it to download child pornography,” Krugman tweeted last week.
After consulting with colleagues at the Times, Krugman began to suspect the phone call was actually a scam. The Times’s security team confirmed to Business Insider that this was indeed the case.
Scammers frequently hook their victims by posing as a trustworthy figure and using fear tactics to get the victims to follow instructions. Accusations involving child pornography are actually rather common in these scams, because the vast majority of people targeted will be innocent. As a result, they’ll be more than willing to cooperate with law enforcement agencies or security providers in order to clear their name. Scammers take advantage of this to trick their victims into providing access or information.
Anyone can fall for social engineering attacks, regardless of their accolades or social status. Some scams, like the one outlined above, contain common themes and can be easily identified once you know what to look for. Others are more complex and aren’t evident on the surface, but they generally still follow a common formula and use similar tactics. You should be on guard anytime someone contacts you seeking information, especially if they seem like they’re trying to convey a sense of urgency.
Education about social engineering tactics is the only thing that can inoculate people against these attacks. New-school security awareness training can help your employees identify phishing scams instinctively.
Business Insider has the story: https://www.businessinsider.com/paul-krugman-hacked-qanon-how-to-avoid-phishing-scam-2020-1
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
