Hacking Continues on World Password Day
Earlier this week, my nice aunt Jeanne sent me an email. The message was blank other than, “Jeanne shared a doc on Google drive.” The clickable Google icon in the email looked legit and I thought maybe she wanted to share some photos of my cousins with me. But I didn’t click. If I had, I would have been taken to a fake Google sign-in screen saying permission needed to be granted. And if I had entered my info, my email, computer and personal information would have all become compromised.
It’s called a phishing scam, and this new “Google doc hack” is just one of thousands floating around the Internet. Just last week we reported on the latest changes to Cryptolocker in our newsletter.
As you’ve heard a thousand times before, if you aren’t 100% sure of the content of the email, don’t open it and certainly don’t click on anything within the message. Emails in the “Google doc hack” came from a Mailinator address. Users can send Mailinator emails from the platform without ever having to sign up, making tracking the perpetrator nearly impossible.
If you’ve opened the “Google doc hack” email and put in your information, chances are you’ve already started spamming everyone in your address book. The first step is to immediately change your password.
You can find a lot of advice on password security, but let me share two big pieces that if unchecked, often lead to compromise. One, if you can avoid it, don’t write your passwords down. That includes putting them in an email to yourself or uploading them to a shared drive. And two, try not to use the same password across different devices and/or platforms.
If you have any questions or concerns about your personal security, IT security, or want a free assessment of your business to ensure you are protected around the clock from phishing scams and hackers, give MAXtech a call: 614-401-8800.
Have you been hacked or have a story about a scam, malware or ransomware? Please tell us your tale in the comments section below.