Did you know people are hacking into Pinterest accounts?
Had dinner with some family friends last night and my friend mentioned that someone from Argentina had hacked into her Pinterest account.
I was perplexed, and so was she.
Why would someone do that? What’s the benefit? So I started digging around and learned that people will hack into a Pinterest account and post spam pins and then push the spam out onto other social media you have associated with your Pinterest account like Facebook and Twitter.
Interesting, huh? Well, keep reading.
How Do You Know if You’r Pinterest Account Has Been Hacked?
My friend said she got an email in her google email account (which is the email associated with her Pinterest account). The email came from firstname.lastname@example.org and it said, “You logged into Pinterest from a new location.”
So I started Googling and found two people voicing concerns about emails from email@example.com. One said the Pinterest password was about to expire, click here to change your password. The other looked like a regular email from Pinterest taking you to pins you might enjoy, but directed the user to some medical website instead.
What?! I was confused. So I looked in my own email box and I have lots of pin recommendation emails from firstname.lastname@example.org. So what the heck is going on here?!
I found an article online that says Pinbot (recently renamed PinCrusher) is a marketing app you can buy for use with Pinterest. It’s a bot.
What’s a Bot?
As far as it relates to this topic, a bot is an automated program that searches for data.
So, Is It Legit?
I sent an email to Pinterest asking about the email my friend got, and while I was waiting, called my super smart computer guru friend, Chris, to bend his ear about it. (Thanks for your time, Chris!) He said a bot with a link to login information is suspicious.
I got a canned response from Pinterest (I’m sure they get lots of emails and do the best they can to answer them). Here’s what they said:
“As noted in our Acceptable Use Policy, Pinterest does not allow bots. Bots may be resource-intensive and slow down Pinterest for other users, or they may be malicious.”
Well, what about all those emails I get from that address suggesting pins I might like? Pinterest didn’t address that directly in their response so I questioned further and will let you know what they say.
*UPDATE* According to Pinterest Help Center People:
“Yes, emails from email@example.com are from us, and are legitimate Pinterest messages.”
“We are sending emails to pinners whose accounts have had suspicious logins to help them identify the issue and protect their pins. This is one of the emails that we send when we detect an unusual login on the account. Recently, we’ve seen an increase in spam pins from accounts being accessed with compromised passwords. We’ve found that users are able to secure their account with a simple password change.”
The Bottom Line
If you get an email that appears to be from Pinterest regarding a security breach, the best thing to do is go type in the site’s actual url www.pinterest.com and change your password through their security settings. Just to be safe, don’t use the link in the email.
Why Did I Write This Blog Post?
Because, even though I think I can spot a phishing email from a mile away, I would have clicked on this link and changed my password. If it’s fake, they did a good job making it look legit. Another reason I think I would have clicked on it, is be because I don’t treat Pinterest the way I do my bank account, and it wouldn’t have occurred to me that it *might* be phishing.
Friends don’t let friends get hacked, so please share.
Heather Alexander is the author of Secrets of The Mommyhood (and, for today, at least), the Nancy Drew of Pinterest scams! Now back to our regularly scheduled programming: tips, solutions and humor for moms. Follow on Facebook.