Over 8000 over Tumblr bloggers are hit by a massive phishing scam. The victim who got caught by the scam were tricked into unknowingly handled their login credentials to the fake Tumblr server. In this phishing scam, there were three rogue website names involved which were tumblrlogin.com, tumblrq.com and tumblrsecurity.com. This even had been started since few days back and with the duration given, it is quite reasonable to have more than 8000 accounts compromised.
Tumblr Phishing – How Does It Work?
How the scammers able to trick so many bloggers out there is to simply offer the user some pornographic content which on the other side, they need to revalidate their Tumblr account first. Normally, when a user already reached that sort of page, they should have no further hesitation about phishing since the website names are all pretty similar to actual website. For the users who are curious on how the Tumblr phishing site looks like, you ca refer to the screenshot below.
Tumblr Phishing Solution
Phishing is some old technology in hacking or scamming. Hence, no matter how complicated this attack can be, it does not lie 100% on the technical side. It will only rely on the user’s experience in internet browsing. As a result, users should watch out for this kind of pages before proceeding any further. In addition to that, you should also check the URL and see if it matched correct the exact website. Any additional character in the website URL can make a lot of difference. There is a Tumblr phishing alert community out there and I personally feel any Tumblr bloggers should pay that site at least a visit.