How to Protect Your Gmail Information from the Latest Phishing Scheme

HowTo

phishingIt’s almost spring or at the very least we are all wishing it so. So it’s time to do some cleaning of your online accounts. Particularly in light of a recent Huffington Post article about scary phishing. I sent the article to Chris Whittle, our Director of Technology at Collective Bias and he was helpful in outlining what you should do if you think you’ve been a victim of this latest phishing scheme.

Here’s what happens:
The hackers aka bad guys will send you an email with the subject “Documents” and then asks you to sign-in. The frightening part is the pages you will see look so authentic.

• When you click it takes you to an almost perfect mirror image of Google docs login (just missing the evil goatee).
• You try to login and it steals your email and password.

So what should you do?
Don’t ever click on links in emails from people you don’t recognize. And if the email only contains a link that is another telltale sign someone might have been hacked.

Check the URL. When you go to a link that’s supposed to be a company’s url 90% of the time the domain should end in that company’s domain.

Good URL example- https://docs.google.com/spreadsheet/ccc?key=0AuBJ_bODxhchdDc4UFJQVC1ldWZBaDVIN3gzazhURnc&usp=drive_web#gid=0

Bad URL example- https://docs.google.geocities.com/spreadsheet/ccc?key=0AuBJ_bODxhchdDc4UFJQVC1ldWZBaDVIN3gzazhURnc&usp=drive_web#gid=0

What happens if you think this might have happened to you?

Reset your gmail password. Call me crazy but I try to change the passwords to important accounts that I use regularly every quarter. And if you do have the same password for multiple accounts, stop that immediately. Once a hacker is into your account, same passwords give them even more keys to your kingdom. It’s amazing how many people do this despite all the warnings. Sure you end up with endless passwords to keep track of, but it’s so important.

Clear out your connected apps: which is something you should do regularly anyway. I recently did this to my Twitter account. I was surprised how many apps I had given access to.

Go to your Account
Screen Shot 2014-03-20 at 9.17.46 AM

 

 

 

 

 

 

Click Security and Under Account Permissions click View All image-1

Scroll through the list… Anything you think is suspicious click 

image-3

Revoke access

image-2

 

 

Hit Ok



One Response to “How to Protect Your Gmail Information from the Latest Phishing Scheme”

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>