02/10/2023 at 12:15 p.m. by Claus Ludewig – A security incident has occurred at the social news aggregator Reddit. An employee fell victim to a phishing attack, for example, so that access data fell into the wrong hands.
With phishing emails, victims receive messages asking them to enter their access data on a fake website. This is how criminals get the user data they need to be able to log on to a platform, for example. Last weekend, a Reddit employee fell victim to a phishing attack, as the co-founder explained. This allowed criminals to gain access to internal systems.
What does the phishing attack mean for Reddit users?
According to the CTO, the passwords and user accounts of the Reddit users should not have been stolen, according to the current status of the investigation. However, the attackers used the Reddit employee’s access data to gain access to internal documents and Reddit program code. And some contact information was captured from corporate contacts.
According to the social news aggregator Reddit, the employee concerned reported the phishing incident themselves, and the security team reacted quickly and blocked access. To secure the Reddit user account, it is recommended to enable two-factor authentication. In the user settings, in the privacy & security tab, under the advanced settings, there is the option to activate two-factor authentication. From now on you have to enter a six-digit code that expires after a certain time with every Reddit registration.
Also worth reading: Reddit discussion: Which programs should be deactivated in Windows autostart
Reddit Phishing Attack Collection:
Reddit has been the victim of a phishing attack, with criminals gaining access to internal systems. A Reddit employee has been the victim of the phishing attack and entered their credentials on a fake website. The attackers used the data to gain access to internal documents and program code. According to the company, however, no access data was stolen from Reddit users. However, it is recommended to enable two-factor authentication.