
Zerodha co-founder and CEO Nithin Kamath on Thursday disclosed that his personal X account was compromised after he fell for a phishing email. Kamath shared the details of the incident, admitting the breach happened early Wednesday morning while he was at home.
In the post, Kamath shared that the phishing email managed to bypass all spam and phishing filters. “In a momentary lapse in attention,” he said, he clicked on a link titled ‘Change Your Password’ and unknowingly submitted his login credentials.
“The attackers gained access to a single login session, using it to tweet a few scammy cryptocurrency links,” Kamath explained. He added that he had two-factor authentication (2FA) enabled, which he said prevented the hackers from fully taking over his account.
Kamath emphasised that the phishing attack appeared to be AI-driven and not specifically targeted at him. “Goes on to show that no matter how careful we are, all it takes is one slip of the mind,” he wrote, adding, “As important as technical cybersecurity, are human processes, policies, procedures that account for worst-case scenarios and the psychology of the weakest link, which is us.”
“2FA is absolutely essential, but clearly, it is not a technical solution to human psychology. This is why it is so important for cybersecurity frameworks within organisations and governments to be holistic and not fixate on technical solutions,” Kamath added.
The post quickly went viral, sparking a flurry of reactions. “Oh my god. After getting such alerts, I think it is best to manually go to that application and change the password instead of clicking links via email,” a user wrote. “The sender’s email address is clearly giving red signals. That’s why, no checking emails early in the morning with eyes half closed,” another user commented.
“Email providers should highlight the domain somehow, so we can be more aware of the situation before actually proceeding,” a third user reacted.
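The check the last commenter asks for, highlighting where a link in an email actually points rather than what its text says, is simple to prototype. The script below is an added example and not part of the article or of any email client; it parses a constructed "Change Your Password" lure, compares every anchor's destination host (and any host shown in the link text) against a trusted domain, and reports the mismatches a user reading with half-closed eyes would miss. Only `x.com` is a real domain here; every sender and link host in the sample is a made-up placeholder, not an indicator from the actual incident.

```python
"""
Added example (not from the article): flag links in an email whose destination
does not belong to the trusted domain, and link text that displays one host
while pointing at another. Sample message and all hosts other than x.com are
constructed placeholders for this example.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a password-reset lure. Sender and link hosts are invented.
SAMPLE_EMAIL = """\
From: "X Support" <security@x-com-accounts.example>
To: user@example.net
Subject: Unusual login detected
Content-Type: text/html; charset=utf-8

<html><body>
<p>We noticed a new login. If this was not you,
<a href="https://x.com.login-verify.example/reset">Change Your Password</a></p>
<p>Or visit <a href="https://accounts.example/help">https://x.com/settings</a></p>
<p>Help centre: <a href="https://help.x.com/en">help.x.com</a></p>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host):
    """Last two DNS labels. Heuristic only: a real client would consult the
    Public Suffix List so that e.g. 'example.co.uk' is handled correctly."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def analyse_email(raw, trusted_domain):
    """Return a list of human-readable findings for links and sender that do
    not belong to trusted_domain. An empty list means nothing was flagged."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    sender = parseaddr(str(msg["From"]))[1]
    sender_dom = registrable_domain(sender.split("@")[-1])
    if sender_dom != trusted_domain:
        findings.append(f"sender domain {sender_dom!r} is not {trusted_domain!r}")

    body = msg.get_body(preferencelist=("html",)).get_content()
    collector = _LinkCollector()
    collector.feed(body)

    for href, text in collector.links:
        host = urlparse(href).hostname or ""
        link_dom = registrable_domain(host)
        if link_dom != trusted_domain:
            findings.append(
                f"link {text!r} -> host {host} "
                f"(domain {link_dom!r}, expected {trusted_domain!r})"
            )
        # Link text that itself looks like a URL or hostname must agree with
        # the real destination; a mismatch is the classic display-text trick.
        shown = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", text.lower())
        if shown and registrable_domain(shown.group(1)) != link_dom:
            findings.append(f"link text shows {shown.group(1)!r} but points at {host}")
    return findings


if __name__ == "__main__":
    for finding in analyse_email(SAMPLE_EMAIL, "x.com"):
        print("WARNING:", finding)
```

The first two links are flagged because their hosts resolve to domains other than `x.com` (the `x.com.` prefix on the first is just a subdomain of an unrelated domain), the second is flagged again because its visible text claims `x.com`, and the genuine `help.x.com` link passes. The two-label domain heuristic is the weakest part; production code should use the Public Suffix List.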