Scammers are phishing Gmail users for logins – here’s how to protect yourself
Recently, I read an article on Yahoo! Tech News about a phishing scam that’s targeting Gmail™ users. Given how many business and personal Gmail users are out there, this is pretty scary stuff.
Victims are receiving phishing emails from hackers that pretend to be from Google, asking users to click on a link and log in to access a document on Google Drive™. But the link actually takes users to a bogus site that then captures their login credentials. If you use Gmail or other Google products, just think of what a cyber criminal could have access to if they have your username and password…
Educate yourself to avoid getting hooked
This latest phishing campaign reinforces the need for education We’ve put together a handy best practices checklist to help you spot a phishing email.
Some of our recommendations include:
- Keep your security software up to date. Don’t avoid downloading important updates. Hackers exploit vulnerabilities found in older software, so it’s important to keep the apps on your devices current.
- Don’t click on links from messages that contain misspellings. If an email from a well-known company is formatted badly, has obvious misspellings or is unrelated to the product or company, this is a red flag.
- Be aware of email requests with high urgency that ask you to take quick action. If you are ever in doubt, double check the request with the sender either by phone or by composing a new email – never reply to the email itself
Use two-factor authentication for added protection
We also recommend that you use two-factor authentication (2FA) whenever it’s available. As the Yahoo! article states:
“If someone does happen to gain access to your Google credentials, either through phishing or by simply being a good guesser, two-factor authentication could be what stops them from actually getting into your account.”
With 2FA, you’ll be asked to input a code along with your login credentials. That code can be texted to you or created by an app on your phone. It may seem like a hassle to have one more thing to input, but it could mean the difference between security and a cyber-criminal compromising your data.
If you want to learn more about email security and how you can protect yourself, check out our recent phishing report. And if you have any questions, give us a call at 800-379-7729