2302-Reddit-Phishing-Attack-Mini-Blog-LinkedIn-Ad-1

Reddit Systems Hacked by a Sophisticated and Highly-targeted Phishing Attack

Hackers have gained access to internal Reddit systems. They targeted Reddit employees with a sophisticated phishing campaign. They obtained an employee’s credentials, and then had access to internal systems and documents. Read the report on Reddit's Phishing attack.

Reddit Security incident phishing

Credit to Reddit for being open and transparent about the attack. This is in line with many other high-tech companies that have been victims in the same way like Twitter, Mailchimp, LastPass, CISCO….

The important lesson is that hackers use social engineering methods to convince employees to give away credentials like passwords and 2FA keys. Some hackers target the individual, others target the central service desks and pretend to be a real user.

Mitigation requires awareness campaigns for the general staff and secure workflow for identity verification for the central services: FastPass Identity Verification Manager

 

Finn Jensen

Finn Jensen | Founder, FastPasscorp

Related Posts

Scroll to Top