To gain unauthorized access to your social network and members’ accounts, phishers may create a webpage that looks like a version of another page, such as your social network’s sign in page. When someone enters their email address and password on a phishing page, this information is sent to the phisher, who can then access their account(s) and/or sell this information to others.
Being aware of and educating your members about phishing is important in order to keep your members’ accounts from being compromised and to keep your social network safe from unauthorized access or malicious activity. Make sure your members are mindful of the URL they’re accessing to sign in to your social network. For instance, if your social network is http://examplenetwork.ning.com, members should always see http://examplenetwork.ning.com in the URL when signing in.
If you have domain mapping, the sign in URL should match your domain mapped URL. You can encourage your members to bookmark your social network so they consistently access the correct URL without question.
Additionally, you and your members should never click suspicious looking links in emails or web pages as these can link to illegitimate sites made to trick someone into entering their sign in credentials. For more information and best practices for avoiding this, take a look at OnGuard Online’s Quick Facts about phishing and the Anti-Phishing Working Group’s Consumer Advice.