Washington Post: “…This month, Facebook warned a million Facebook users their accounts might have been compromised by 400 malicious apps that were designed to trick them into handing over their Facebook log-in information. Criminals were making fake log-in buttons. And I’d like to share a doozy of a cautionary tale: A Washington Post reader wrote to me recently about a Google log-in button on a job portal called iCIMS designed — at least in theory — to help people upload their résumés. Turns out, using it inadvertently grants the site access to your entire collection of digital files. You might not know the name iCIMS, but many people applying for jobs do: It has 2.4 million users and is used for recruitment by companies including Microsoft, Uber, UPS, Target and IBM. The iCIMS job application site offered The Post reader’s daughter the ability to upload her résumé directly from Google Drive, the online storage service. Sounds convenient, but when she clicked on the Google Drive button, a message popped up: “This will allow iCIMS to: See and download all your Google Drive files.”
Sorry, comments are closed for this post.