As every aspect of our lives becomes increasingly tied to technology and online access, scams have grown from a possibility of inconvenience to a serious threat to your identity, finances, and more. Phishing scams are a long-standing staple of internet use, and they continue to evolve in sophistication and creativity. Staying ahead of these scams is important to protect the security of your information, but it can be extremely challenging.
One of the latest phishing scams to pop up demonstrates exactly how hard it can be to maintain due diligence online. This example of impersonation works by appearing in as an email sent by a family member or friend that is in a person’s gmail contact list. The email contains what appears to be a PDF. When this file is clicked on, it launches what appears to be a strikingly accurate replica of the Google login screen. When the username and password is entered, this information is captured by the scammers and can be used to access the victim’s email and more.
What sets this particular scam apart is how legitimate everything appears. Even for internet savvy users who are used to keeping an eye out for suspicious emails, a message from a contact appears valid, and only very close inspection of the icon for the PDF may tip off a would-be-victim. It’s scary to think that you could unwittingly hand over your Google login information to someone with malicious intentions, especially if you’re using a business-related account.
Catching a scam like this can often be as easy as checking the URL of the current page. If you are unexpectedly asked to log-in, or are unsure about how you ended up on a page, take a look at the URL to see if you’ve been maliciously redirected. For instance, if you are genuinely within your Gmail inbox, your current URL will start with https://mail.google.com/.
If you are potentially entering a suspicious website or access a dangerous file, you may also see an alert from your web browser. Be sure to heed these warnings, especially if you are performing an action you haven’t done before.
Other Threats to Your Security
In addition to phishing scams that seek to steal your data in increasingly sophisticated ways, there are many other threats in the online world. Ransomware continues to wreak havoc on everything from personal computers to businesses and even massive corporate networks. These malware is can be easily acquired through visiting certain websites or malicious emails and locks down your computer or network until you pay a ransom to restore it.
Although bookmarks, cookies, and autofill features have reduced how many people ar manually typing in website addresses, it is still easy to make a typo when visiting a website. Some scammers have learned to take advantage of these errors for websites such as banks. The unwitting visitor may end up visiting and supplying their log-in information to a clever copy of the website they intended to visit, compromising their banking data or more.
So how can you avoid falling prey to these types of scams?
Keeping your eyes open for suspicious prompts or activity is an indispensable part of staying safe online. If something doesn’t look right, or is unusual for a website that you’re used to, caution is always the best route. Be particularly wary of downloading files, as these can be an easy way for malware to infiltrate your computer. Since particular scams and malware tend to flare up in trends, staying updated on what’s new or popping up can keep you on the lookout as well.
Beef Up Your Digital Security
Your passwords to your accounts are your first line of defense against malicious intent. Here are some tips to help you make your passwords as strong as possible:
- Use long phrase passwords
- Include numbers and symbols when you can
- Never use the same password across multiple websites or accounts
- Avoid obvious entries, such as your birthday or name
- Use a password manager to generate unique passwords and manage them
- Update your passwords regularly
- Don’t store your passwords in your browser’s autofill option
As you can see from the Google phishing scam though, having a strong password may not always protect you. To combat the possibility of your log-in information giving free reign to scammers, you can implement a two-step authentication process. This can include options such as texting a verification phone to your code in order to login or other means of verifying who you are. Plus, there are advanced apps and other technology out there that takes security to another level, using items such as your fingerprint in lieu of a password.
One step which can keep your emails and other data more secure is using G Suite. This collection suite of cloud-based services from Google covers everything from Gmail to Google Docs, and the security features can help filter out spam messages as well as offer improved back-up services to protect your data.
While you may think that social media offers limited abilities to access your private data, you may be in for a surprise. Your social media accounts through Facebook, LinkedIn, and more may be telling more than you’d like. Be sure to review your privacy and security settings to ensure that you aren’t giving out too much personal information, such as your birthday or phone number that could be providing your potential scammers with weapons against you.
Staying Safe in 2017
The bottom line is that internet security is more important than ever. As both individuals and businesses store everything from bank information to client profiles, marketing data, and more, scammers know that there are payloads out there waiting to be cracked. Don’t give them the opportunity to add you or your business to their list of victims.