Nobel laureate Paul Krugman said he likely fell for a phishing scam. Here's how phishing scams work and how to avoid them.

Advertisement
Nobel laureate Paul Krugman said he likely fell for a phishing scam. Here's how phishing scams work and how to avoid them.
paul krugman

Neilson Barnard/Getty Images

Advertisement

Nobel Prize-winning economist and New York Times Opinion columnist Paul Krugman

  • New York Times columnist Paul Krugman tweeted Wednesday that he received a phone call indicating that hackers downloaded child pornography on his WiFi network.
  • Krugman later said he realized that the phone call, which he thought was coming from his "computer security service," was likely a scam.
  • The incident appears to be a case of phishing, wherein scammers pose as an authority or service provider in order to trick people into disclosing personal information.
  • Cybersecurity experts say phishing is a rising threat, but that it's largely preventable.
  • Visit Business Insider's homepage for more stories.

Paul Krugman, the Nobel Prize-winning economist and columnist for the New York Times, took to Twitter Wednesday to share some alarming news.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

"Well, I'm on the phone with my computer security service, and as I understand it someone compromised my IP address and is using it to download child pornography," Krugman said in a since-deleted tweet.

The tweet drew baffled responses from Twitter users, many of whom pointed out that an IP address isn't a device or system that can be compromised - it's just a number that identifies a computer on a WiFi network.

Advertisement

Krugman later said that, after his colleagues at the Times looked into the issue, he realized the phone call was likely a scam. A spokesperson for the Times did not immediately respond to a request for comment.

The incident appears to be an example of a phishing scam, in which scammers pose as an authority or service provider (like a computer security service) to scare their victims into handing over personal information.

Here's everything you need to know about phishing scams and how you can avoid them.

Exclusive FREE Slide Deck: Top 10 Trends in Digital Media by Business Insider Intelligence

{{}}

The majority of hacks and breaches are the result of phishing.

The majority of hacks and breaches are the result of phishing.

According to a 2019 cybersecurity study published by Verizon, most breaches in the past year involved hackers stealing people's credentials using phishing scams.

Phishing is a rising threat, according to cybersecurity experts.

Phishing is a rising threat, according to cybersecurity experts.

According to the Verizon report, email-based phishing scams are on the rise, and are the most prominent form of cyberattack.

Advertisement

Phishing usually starts with a call, email, or pop-up that looks legitimate but is actually coming from a scammer.

Phishing usually starts with a call, email, or pop-up that looks legitimate but is actually coming from a scammer.

Beware of anyone who asks for personal information via email or phone, especially when you weren't expecting them to get in contact.

Beware of anyone who asks for personal information via email or phone, especially when you weren't expecting them to get in contact.

According to a guide compiled by Google, phishing attempts usually seek out usernames, passwords, Social Security numbers, bank account numbers, or personal information. Most legitimate organizations will never ask you to send sensitive information via email.

Advertisement

If you receive an email or phone call that you weren't expecting that's asking for personal information, try to verify where it's coming from.

If you receive an email or phone call that you weren't expecting that's asking for personal information, try to verify where it's coming from.

If it's an email, double check the sender's email address to make sure it's coming from the domain they claim to be affiliated with — scammers will regularly use slightly modified email domains meant to resemble the real deal. You can also use online tools to check whether the email is authenticated.

When in doubt, cease communication and try to contact the organization directly.

When in doubt, cease communication and try to contact the organization directly.

If you're communicating with someone who you suspect isn't with the organization they say they are, try to verify with that organization directly. For example, if someone says they're with your phone provider and is asking for personal information, hang up and call your phone provider directly.

Advertisement

If you spot phishing, report it.

If you spot phishing, report it.

Most email and phone providers have internal channels to report suspected phishing attempts. The Department of Homeland Security also encourages people to report phishing through their website.

Next StoryHow a YouTube creator earned $400,000 from ads last year, without millions of subscribers