Hackers Out to Steal Uber Passwords – The Phishing Scam Rundown


Only days after the massive Uber hack first came to light, cybercriminals have already allegedly begun targeting unsuspecting prospective users of the ride-hailing business in a new phishing scam. Uber recently confirmed that in 2016 hackers stole personal information such as names, email addresses and telephone numbers from over 57 million consumer accounts. According to a sources familiar with the matter, some individuals have taken to Twitter to report having received mails purporting to be from Uber, requesting them to “change their password”.

“These emails are not from Uber,” company spokesperson Melanie Ensign “We’ve got multi-factor on by default for drivers & riders, but as always, you see anything suspicious on your accounts, you can contact us through the aid center in the program or help.uber.com.”

“Our deepest apologies. You might have discovered that Uber was compromised last year. We’re sorry to inform you that your information was, unfortunately, confirmed to be a part of this breach. Please click here to confirm you have received this message and alter your password,” reads a clear phishing email, a screenshot of which was tweeted by IT trainer and consultant Dale Meredith.

Meredith explained in another tweet that the screenshot of the phishing email is really an add from KnowBe4, an anti-phishing service which created the Uber-themed email to warning people about such scams. However, several individuals have tweeted out claiming to have received what appear to be Uber phishing emails, suggesting that hackers might indeed be rushing to capitalize on the violation.

Uber is yet to immediately notify its clients about whether they have In case that hackers have the ability to craft mails to seem fairly authentic, they might be able to successfully steal from people. To an unsuspecting consumer, this kind of email may seem authentic, causing them to unknowingly hand over their passwords to hackers.

It’s not uncommon for cybercriminals to launch phishing campaigns soon after a significant breach. Of charity phishing scams — suggesting how cyber criminals capitalize on big events to prey on unsuspecting victims and steal valuable information.