Phishing email scams are a very dangerous trend in online security. These scams are nearly impervious to antivirus and security software because they trick users into voluntarily giving up their account credentials without the use of viruses or malicious software. This article is intended to help you identify, understand, and avoid these scams and the dangers associated with them.
How the Scam Works
The current batch of phishing scams is focused on stealing your Google login and password. Here’s how it works:
- A hacker gains access to someone else’s Google username and password.
- The hacker logs into the victim’s account and sends out a message to all of the victim’s contacts. The message says something along the lines of “Important – Please open this document”. The message contains a link to a fake Google login page, asking for a username and password. This fake Google page may look exactly like the real one – so be careful. Look for google.com in the URL and look for the green lock in your browser. Even then, the page could be fake; see below.
- Some of the recipients are fooled into opening the links and providing their username and password. This information is not sent to Google, but rather goes straight to the hacker.
- The hacker then repeats these steps with the new hacked accounts.
The hacker is compiling a growing list of Google usernames/passwords. He can sell this list, or start using the accounts to buy things, log into bank accounts, gather information for identity theft, or any number of nefarious purposes.
We’ve used Google as the subject of this description, but we’ve seen Dropbox and other services mentioned as well.
How to Avoid Getting Tricked
The most important thing you need to do is to be skeptical of all links in emails, even if they come from friends or contacts. As we often say – “Click Carefully”. Before clicking on a link, look carefully at the actual URL to see if it’s going to google.com (or wherever it purports to go). Better yet, avoid the link entirely and go directly to the destination site and log in from there. You can also copy and paste the link into URL checkers such as http://global.sitesafety.trendmicro.com/ or https://safeweb.norton.com/.
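The “look carefully at the actual URL” advice is easy to get wrong by eye, because a phishing link can contain the text google.com without actually going there. The following is an added example (not part of the original post) that checks a link the way a browser resolves it: only the hostname counts, and only an https link to a trusted domain or one of its subdomains passes. The trusted-domain set and the sample links are constructed for illustration.

```python
from typing import Optional, Set
from urllib.parse import urlsplit

# Constructed allow-list: domains a genuine Google sign-in link may use.
TRUSTED_DOMAINS: Set[str] = {"google.com"}


def link_destination(url: str) -> Optional[str]:
    """Return the host the browser would actually connect to, or None.

    urlsplit().hostname drops any userinfo ("google.com@evil.example")
    and port, so a host smuggled in front of an @ sign is ignored.
    """
    try:
        return urlsplit(url.strip()).hostname
    except ValueError:
        return None


def is_trusted_login_link(url: str, trusted: Set[str] = TRUSTED_DOMAINS) -> bool:
    """True only if the link uses https and its real host is a trusted
    domain or a subdomain of one. The substring 'google.com' appearing
    elsewhere in the URL (path, userinfo, a longer hostname) does not count.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    host = parts.hostname
    if parts.scheme != "https" or not host:
        return False
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in trusted)


def triage_links(urls) -> dict:
    """Map each link to its real destination and a trusted/untrusted verdict."""
    return {u: (link_destination(u), is_trusted_login_link(u)) for u in urls}


if __name__ == "__main__":
    # Constructed sample links of the kind found in the phishing mails described above.
    samples = [
        "https://accounts.google.com/signin",
        "https://accounts.google.com.docs-share.example/login",  # lookalike host
        "https://google.com@evil.example/doc",                    # userinfo trick
        "http://accounts.google.com/",                            # not https
    ]
    for url, (host, ok) in triage_links(samples).items():
        print(f"{'TRUSTED ' if ok else 'SUSPECT '} host={host!r:45} {url}")
```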
What to Do if You Detect a Phishing Scam from a Friend’s Account
If you see a suspicious email from a contact of yours, we recommend doing a few things:
- If you know the contact, tell them. Simply emailing them may not be good enough, as the hacker may intercept the email.
- If you use Gmail, mark the email as spam.
- Don’t click on any links in the email.
What to Do if You are Tricked by a Phishing Scam
If you are a Computer Courage customer, we recommend you call us immediately to have your account professionally cleaned. If you are not, here are some basic tips:
- Change your password.
- If any other accounts of yours anywhere on the web use the same username/password combo as your email, you’ll need to change them as well. Start with the important stuff like banks.
- Scan your computer for viruses.
- Check your Google contacts, if they are gone you can restore them (details).
- Go to https://myaccount.google.com/ and look through security settings. Look at account history, log out other sessions.
- Follow Google’s guidelines here: https://support.google.com/mail/answer/50270?hl=en.
- Consider warning your contacts with another bulk email.
- Consider enabling 2 Step Authentication in Google (makes you impervious to this hack).
- Consider using a password manager such as LastPass.
We hope this information and technique helps. If you have comments please feel free to leave them here or contact us with questions about getting professional IT service for your home, nonprofit, or business.

Jan 6th, 2015 | Posted in: Blog, Security