To most people when we think of phishing attacks we usually relate it to email spam flooding our inbox. Sometimes, if we’re really lucky, we get a message from a hacked email account of a friend, coworker or supervisor drawing us back to a cloned landing page hungry for our login credentials. It’s an impossible hope that employees remain hyper vigilant or alarmingly paranoid regarding every single email. To compound the threat, Twitter has recently become the latest hotbed of phishing attacks.

Cybercriminals are now hacking into Twitter accounts and blasting direct messages to followers, with the hope that they login to the phished site to address an attributed photo or a “bad blog” about themselves. First of all, congratulations if you’ve reached the pinnacle of the socially digital world and believe that someone is so concerned in relation to your existence that they could only express it in a blog. Probably unlikely, but if you are one of these chosen few, clicking on a link that was only accessible while being logged into Twitter in the first place, but now otherwise requiring an additional login might be a warning sign. Another red flag could be that your saved credentials that usually auto-fill within the login page are no longer utilized. Come on, just use common sense.

I know for IT professionals, resolving the Problem Exists Between Keyboard and Chair (PEBKAC), can sometimes seem like a logical human being trying to tell someone that their love for the show “The Jersey Shore” will directly result in the fall of modernity. Because sometimes no matter how reasonable something may seem to someone, it isn’t necessarily a guarantee they’ll follow through. But the important thing is to realize that these attacks are real and the second step is to act. An educated employee is more secure than the alternative. If we can learn to educate, apply common sense at our desks and take proper security procedures to alleviate these threats, we’ll all be better off.