TMW Featured Article

A New Threat to Authors

In the digital age, phishing attacks have become increasingly common and sophisticated, posing a significant threat to authors and their online safety. Penguin Random House, a leading publishing house, reminds authors of the importance of being vigilant and implementing online safety measures to protect themselves from phishing attacks.

What is Phishing?

Phishing is a type of cyber attack where attackers use deceptive emails, messages, or websites to trick individuals into providing sensitive information such as usernames, passwords, and financial details. These attacks often appear to come from legitimate sources, making them difficult to detect. Phishing is a type of online scam where attackers trick people into sharing sensitive information like passwords or financial details. They do this by pretending to be a trustworthy source, such as a bank or a familiar company, and often use emails or fake websites to deceive their victims. The goal is to steal personal information or money, so it’s important to be cautious and verify the legitimacy of any requests for sensitive information.

The Reminder

Phishing attacks, which have seen a significant surge in recent years across various communication channels like emails, texts, and social media, pose a considerable threat to authors, given their public visibility. To protect themselves, authors must learn to recognize phishing messages. These messages often attempt to deceive individuals into clicking on malicious links or opening harmful attachments by using urgent or convincing narratives. Authors should be cautious of messages from seemingly trustworthy sources, such as banks or publishers, and look out for signs like unusual formatting, misspelled URLs, or offers that sound too good to be true. It’s crucial to resist the urge to react impulsively to urgent messages and instead verify the authenticity of the sender and content.

Additionally, authors should be mindful of the personal information they share on social media, as it can make them more susceptible to phishing attacks. Even though social media platforms encourage authenticity, authors should review their profiles and posts to ensure they are not unintentionally revealing sensitive information. Adjusting privacy settings, using strong and unique passwords, and being cautious of suspicious links and messages are essential steps to protect against phishing and other scams on social media. Authors should also report any phishing attempts they encounter to the relevant platform or system administrator to prevent further attacks and safeguard their online security.

How Phishing Impacts Authors

Authors are particularly vulnerable to phishing attacks due to their online presence and the nature of their work. Attackers may target authors to gain access to their literary works, personal information, or financial accounts. Phishing attacks can result in identity theft, financial loss, and damage to reputation.

Authors’ vulnerability to phishing is exacerbated by their reliance on online communication and the value of their intellectual property. Attackers often target authors to access unpublished manuscripts or to impersonate them for financial gain. The fallout from phishing attacks can include delays in publishing schedules, loss of potential revenue, and reputational harm, impacting both the author’s career and financial stability.

Common Phishing Techniques

Phishing attacks can take various forms, including:

Email Spoofing: Attackers send emails that appear to be from a trusted source, such as a publisher or literary agent, requesting sensitive information. Attackers make it appear as though it is from a reputable source, requesting the author to update their payment information. The email may contain a link that leads to a fake website designed to steal the author’s login credentials.

Fake Websites: Attackers create fake websites that mimic legitimate sites, such as publishing platforms or bookstores, to steal login credentials. Authors may receive an email directing them to the fake website to update their account information, unknowingly providing their login credentials to the attackers.

Social Engineering: Attackers use social engineering tactics to manipulate authors into providing sensitive information, often through fake social media profiles or messaging apps. Attackers may create a fake social media profile posing as a literary agent or publisher. They may then contact authors, claiming to be interested in their work and requesting sensitive information such as bank account details under the guise of offering a publishing deal.

How to Protect Yourself

To protect yourself from phishing attacks, follow these tips:

Verify the Source: Always verify the sender’s email address and the legitimacy of the website before providing any sensitive information. For example, if you receive an email from your publisher requesting information, call them using a known phone number to confirm the request.

Use Strong Passwords: Use strong, unique passwords for your online accounts and consider using a password manager to keep track of them. For example, use a combination of letters, numbers, and symbols, and avoid using easily guessable information such as your name or birthdate.

Enable Two-Factor Authentication: Enable two-factor authentication (2FA) for an extra layer of security on your accounts. For example, when logging into your email account, you may receive a code on your phone that you need to enter to complete the login process, adding an extra layer of security.

Educate Yourself: Stay informed about the latest phishing techniques and educate yourself on how to recognize phishing attempts. For example, you can follow security experts on social media platforms to learn about new phishing trends and how to recognize them.

Report Suspicious Activity: If you receive a suspicious email or message, report it to the relevant authorities, such as your publisher or IT department. For example, you can forward the email to your publisher’s IT department or the Anti-Phishing Working Group (APWG) to investigate further.

When do they happen most?

These attacks typically occur when authors are expecting communications related to their work, such as manuscript submissions or royalty statements. Phishing emails may also coincide with major publishing events, such as book launches or literary award announcements, to exploit authors’ heightened online activity during these periods. Authors should be especially cautious during these times and verify the legitimacy of all communications.

Phishing attacks pose a serious threat to authors, but by being vigilant and implementing online safety measures, you can protect yourself from falling victim to these attacks. Stay informed, verify the source of communication, and report any suspicious activity to ensure your online safety.

Remember, your online security is paramount, so take the necessary steps to protect yourself from phishing attacks.


Fill out the form below, and Barbara Swift will be in touch shortly.

Contact Information