A scammer used my face and name to target my co-worker with "private" photos

Shutterstock

On Friday, my co-worker James received a curious text: an invitation, supposedly from me, Melanie Ehrenkranz, to view seemingly NSFW images that would self-destruct in 25 minutes. 

The text sent from "me"  Mic

"WARNING! THESE ARE PRIVATE VIDEOS & PHOTOS FOR JAMES DENNIN," the invitation read. "PLEASE BE DISCREET."

The invite included a photo of me, one likely ripped from my Facebook profile photos. "Uhh, I just got a weird text from 'you,'" my colleague told me.

The link navigated to this invitation.  Mic

Wary of being the target of a mysterious revenge porn plot, I sent the info to Radware security researcher Daniel Smith. He said the messages sounded like "a social engineering attempt from a phishing site."

I'm still attempting to figure out who used my face and name in this phishing scam, but here's what I do know.

What is phishing?

A phishing scam is when someone tries to get sensitive information from you, such as your password or credit card information, by posing as someone you would trust, like a legitimate company or, in this case, a colleague.

"These messages usually direct you to a spoofed website or otherwise get you to divulge private information," Indiana University's website explains.

The domain for "securchatly.com" was created a day before the message was sent to my colleague, according to Who.is. It now redirects to Yahoo.com. ("Cybercriminals are not known for their grammar and spelling," Microsoft notes, referring to one way to spot a phishing scam.)

Seeing my name and photo on my co-worker's screen in an attempt to lure him into clicking on private images of me was a harsh reminder of how easy it is to manufacture an impersonation of anyone online — a fraudulent identity that could be used to steal personal information from a colleague. More disturbingly, it's a small example of how women are targeted in cruel, exploitative revenge porn attacks. (See here, here and here.)

If you receive a message or link from an unknown number or user that airs a whiff of suspicion, skepticism is your friend. Don't click on it.

Have you received a text similar to the one mentioned above? Email me at melanie@mic.com.