A reader has a question about a security alert that arrived in her inbox.

“I got an email from Lynksis asking to change my password because of an attempted hack. Is this legit or is this a phishing e-mail? Thanks for your response.

She included the email below:

Dear Linksys Customer,

All Linksys Smart Wi-Fi accounts were locked at 8:00 pm PDT on April 2 because someone was logging in with email address and password combinations stolen from other websites.

Your account was not compromised, but out of an abundance of caution we locked it to prevent unauthorized access. You need to change your password to log back in – unless you have already done so since we locked it.

RESET PASSWORD
You can also reset your password by clicking Forgot your password? in the Linksys app or by going to Linksys Smart Wi-Fi in a browser.

We have anticipated some FAQs if you want more details about what happened. On that page, you’ll find links to our customer support team.

It’s smart to be wary. At first glance, I’d tend to think it was legitimate. Because there’s no alarmist language that tells you that you immediately have to do something or there will be dire consequences.

Also, there are no links to click. They just tell you to go to your Linksys account or open your Linksys app. I went to the official Linksys support page and found that there was indeed a security alert.

It seems scammers used a COVID-19 scam to trick users into downloading malware. This malware stole web credentials. The folks at LinkSys noticed that scammers were using those stolen credentials to access Linksys Smart WiFi accounts, so they changed the passwords to all accounts.  Good move on their part. Good move on your part for being cautious.

You can click here to read the whole security alert.