Cybersecurity Awareness
Beware of Spam Accounts on Story Comments That Might Cause Security Problems
These spam accounts might lead to social engineering and phishing attacks, causing cybersecurity impact and implications.
Earlier today, several readers of my stories contacted me privately via email or my Slack workspace, puzzled by why I asked them to contact me through Telegram when joining the Medium community, as the message did not make any sense to them.
Many readers expressed concerns, rightfully sensing a scam, while others were genuinely curious about Telegram, a platform I don’t frequently use for security reasons. And some readers even thought that my account was hacked, and they asked me to report it immediately. I was grateful for the vigilance of my readers.
The purpose of this short post is to alert my readers to the existence of a new fake account designed to harvest information from Medium members, potentially for malicious intent. This creates serious concerns for our safety and security on this platform.
Today, I’ve noticed spam comments on many of my articles, including the new one about sexual health, originating from an account with the same name and photo as mine, clearly aiming to deceive my readers. However, the one feature they couldn’t replicate was my blue author badge, a distinction granted by Medium.
I have promptly informed the Helpdesk and the Medium Trust team, and I have faith that they will take the necessary steps to remove this offending account, just as they did a few weeks ago. It is so common that since 2019, my account has been emulated by hackers many times.
In the interim, I’d like to caution Telegram users not to engage with an account bearing that name in the comments, as it does not correspond to my legitimate account. It’s quite possible that this is a hacker’s account attempting to launch a phishing attack on unsuspecting individuals.
To my fellow writers, if you come across similar comments on your stories, I strongly encourage you to report them immediately and create a support ticket via help.medium.com. This proactive approach will not only safeguard your account but also protect the accounts of your valued readers.
Update on December 2023
Unfortunately these scam accounts impersonated me once more at a massive scale and scammed some of my loyal readers who believed them. I wrote a new story alerting senior leaders on Medium to take urgent action to safeguard the community. Thank you for your feedback on this story. Please share the friend link with readers and writers in your circles. Unfortunately, not many readers got a chance to see this important story.
Brief Overview of Social Engineering and Phishing Tactics
Social engineering and phishing are tactics malicious actors use to manipulate people into divulging sensitive information or performing actions that compromise their security. Social engineering involves psychological manipulation and deceit to exploit human behavior.
Attackers impersonate trusted entities or use persuasive techniques to trick users into revealing confidential data, such as passwords, personal details, or financial information. They may employ various tactics, such as impersonating a trustworthy organization, creating a sense of urgency, or using familiarity to gain a victim’s trust.
Social engineering attacks can occur through various channels, including blog posts, articles, emails, phone calls, or in-person interactions. They exploit human emotions, like fear, curiosity, or a desire to be helpful.
Phishing is a specific type of social engineering attack conducted through digital means. It typically involves deceptive emails, comments on blogs, messages, or websites that mimic legitimate sources.
The goal is to trick recipients into clicking on malicious links, opening infected attachments, or providing confidential information. Phishing emails appear as if they come from reputable organizations, financial institutions, or known contacts, making it challenging for recipients to discern the deception.
The ultimate objective of phishing attacks is to steal sensitive data, gain unauthorized access to systems, or distribute malware, all of which can have serious consequences for individuals and organizations.
To mitigate these risks, users and organizations should remain vigilant, employ security awareness training, and use cybersecurity tools to identify and thwart social engineering and phishing attempts.
Guidance from Some of My Articles
As a technology professional, I wrote several articles about cybersecurity and hacking attempts, including ransomware and API security. For example, in 2021, I wrote about a new strategy of hackers affecting freelancers.
Please remember that millions of accounts were hacked recently, as I reported in a story last year.
We also need to be aware of deep fake technologies, as I articulated in the attached story.
These scams are so sophisticated that they even caused me grief last year, and for the first time in my life, I had to call a lifeline.
In addition to financial loss, cybersecurity issues, and online scams can cause serious mental health issues for victims. To protect our health, we need to proactively deal with security issues and obtain professional help when needed.
The proliferation of artificial intelligence (AI) technologies has brought about a notable escalation in cybersecurity risks. The ease and cost-effectiveness of generating bot accounts have amplified the challenges in safeguarding online spaces, and the situation may become even more concerning as AI capabilities advance.
While I do not harbor personal concerns about artificial intelligence, the notion of artificial superintelligence with quantum computing capabilities does instill a sense of apprehension, as I articulated in a previous story.
I haven’t written much about technology and cybersecurity recently, but I will write more soon to inform my readers from my technology and leadership account, which will be a separate blog from my usual health and well-being stories.
In the meantime, you may check why I use ethical hackers in my enterprise architecture projects in large business organizations.
Thank you for reading my perspectives. I wish you a healthy and happy life.
They did the same thing on the account of Aiden (Illumination Gaming). Here is how he handled it.
To inform my new readers, I wrote numerous articles that might inform and inspire you. My topics include brain and cognitive function, significant health conditions, valuable nutrients, ketogenic lifestyle, self-healing, weight management, writing/reading, and humor. 100+ Insightful Life Lessons from My Circles for the Last 50+ Years
I publish my health and wellness stories on EUPHORIA. My posts do not include professional or health advice. I only document my reviews, observations, experiences, and perspectives to provide information and create awareness. Be Your Own Therapist in 10 Steps.
To get my post in your inbox, you may subscribe to my content. If you are a writer, you are welcome to join my publications by sending a request via this link. I support 25K+ writers who contribute to my publications on this platform.