Gmail and other email services are all vulnerable to increasing phishing scams. Learn what to look out for and how to safeguard your personal account and business.
As current events have shown, even the upper echelons of American governance have been vulnerable to phishing scams. The Democratic National Committee’s official email accounts were recently the target of an effective phishing campaign, leaving us all to question the ways in which we’re vulnerable to cyber attacks.
A new extremely active phishing technique, aimed at Gmail and other email services, is being implemented to nab log-in credentials that are designed to fool even the most educated digital users.
The scam works by hackers sending out emails via hacked accounts to those users’ contact lists. Many of the emails include an image that looks like it could be an attachment, though when the image is clicked on, instead of a preview of the file, a new tab opens with a mock prompt from Gmail to sign into the email account again. Even the URL mimics an actual Gmail page: accounts.google.com. The sign in appears to be perfectly legitimate, though once a user signs on, they compromise their email account and with it other sensitive personal information. Hackers are then able to spread the scam immediately to others in your contact list with the access to your email.
To protect yourself from such attacks you have to change what you’ve always known in regards to cross checking phony-seeming links and emails. As this phishing scam mimics the URL of an actual, reputable website, you can’t always double check by just looking at the link. If you see the following text before the https beginning of the URL: data: text/HTML, this signifies a scam link.
As a rule of thumb whenever you log-in to an email service website, or any site asking for credentials, be sure to check the browser location bar and corroborate both the protocol and the hostname for legitimacy. For a Gmail account, it should read like this: https://accounts.google.com/ServiceLogin?… Verify that there isn’t additional text between the hostname “accounts.google.com” aside from “https://” and the lock symbol on the location bar, which should appear as green if you’re safe, as Google relies on this function to signify a secure site.
Also, consider enabling two-step or two-factor authentication on your email service. This makes it harder for hackers to sign-in to your account even if they have your password.
If you’re unsure of whether your email account may have been the subject of a phishing scam in the past, it’s a good idea to change your password anyway. A function on Gmail allows you to see log-in activity to find out if any other users have been logging into your account without your knowledge. This can be accessed through Gmail’s support page, view the Details icon at the bottom of your inbox. If you uncover any log-ins from places where you haven’t been or any active sessions from undetermined sources you can actively remove those sessions.
Raising your awareness of this issue and staying vigilant on good digital practices can help to ensure the safety and security of your email accounts and personal data.
Thanks for helping us upgrade our Macs and get them working exactly as our business needs! Fast, convenient and very knowledgeable! You’re the best!
Alary Technologies has been our IT support team for the past year at the START Clinic for Mood and Anxiety Disorders. They have done a excellent job in upgrading our system, organization, and supporting us in technical computer matters. Compared to other IT companies we have worked with, Alary Technologies comes on top. Ahmed Kufaishi the Managing Director at Alary Technologies is solution focused, knowledgeable and makes an effort to really understand his clients’ needs. It has been a pleasure to work with Ahmed and Alary Technologies. I would recommend their services to other companies and clinics.
“We continue to work with Alary Technologies due to the fact that they are quite educated and knowledge based with current upgrades, and their commitment to their customers.”
Ahmed has been providing our company with expert IT services for close to 3 years. He has guided us through hardware upgrades, server back up procedures and was instrumental in brokering a custom software program that fully automated some key functions in our business. Ahmed has always been thoroughly professional in all his dealings with us and has provided consistent and sound advise for all of our IT requirements. We consider Ahmed and Alary Technologies to be an important partner for our business.
It is refreshing to work with someone who can organize things and describe in plain language. I have a large and growing knowledge base for my work as an architect. I have realized that I can’t do everything, that I do need a team member who can look after this one relatively small by crucial part of my practice.