"True cybersecurity is preparing for what's next, not what was last."- Niel Rerup, Cybersecurity Expert
Did the webpage you just logged into look a little suspicious?
Chances are that if it looked suspicious, it was because it was a fake login screen designed by hackers.
In March of 2017 there was a widespread phishing attempt (when hackers try to get you to click on a malicious attachment, usually in a fake email, to gain access to your online accounts) that affected users of Gmail and Google Drive. The hackers sent out a malicious Google Drive access request to millions of users of Gmail. When they clicked on the attachment they were brought to what they thought was a Google login screen to sign in so they were able to see the document. When they entered in their login information and clicked sign in, nothing happened on their end, but on the hackers end, they were given the email and logins of everyone who fell for the trick. Read more about the story: here, here or here.
This type of attack is becoming more and more common, with multiple already having occurred thus far into 2017, and it will only get worse from here. However, there are some good ways to protect yourself.
Before clicking on the attachment in any email, look at the person's email address. If you do not know them or their email address looks weird, do not open the attachment because it is most likely a phishing attempt. Reply All had a great podcast (that you can listen to here) on phishing attempts where they tricked a multitude of people in their office to click a malicious attachment in an email that looked like it was coming from the company email (they used the company email but added an extra letter to the address, all but a few employees did not notice). If anything, call or message the person to ask what it is they sent you, if it was them then its ok to click, but better to be safe than sorry.
Another tool you can use is Password Alert from Google. Password Alert is a Chrome Extension that will check the login screen you're visiting to see if it is the legit version. Otherwise, it will alert you that it believes the page is not real and most likely malicious. You can download the plugin for Google Chrome on the Chrome Web Store here.
In today's world where we value speed and efficient above all else, it helps to sometimes step back and take a second to consciously decide what you are about to do instead of immediately taking action, especially with your emails. Hesitating that extra second and thinking about, "Why is this person sending me this random attachment out of the blue?", "Is that their email address?", etc. may save you from a possible phishing attack. Taking that extra second is more worth it than paying the price for not.
Wire Messenger is a free end-to-end encrypted messenger app for calls, chats, sharing files and more. Some other notable features of Wire is that all of Wire's servers are located in Switzerland, so all of your data is protected by Swiss privacy laws, which are known to be one of the strongest in the world. In addition you can use Wire on your phone, tablet and desktop computer, you can have group chats with up to 128 people, you can send self-destructing timed messages and you can delete or edit a message you sent by mistake. The newest feature offered by wire is the ability to make entirely encrypted voice and video calls. Download it and add me @michaelsolimini and feel free to send me a message!
Not following us on social media yet?! What are you doing?! Missing out on extra content, that's what! Follow us and share below!