One of the biggest email providers in the world this week got hit with a phishing attack. If you are unsure what that means. Phishing emails are the fraudulent practice of sending emails that appear to be legitimate from a seemly trust worthy email address. These emails can reveal/grant access to personal information such as passwords and credit card numbers to the attacker. So what do you do if you click on one of these?
The most recent attack was confirmed by google on May 3rd 2017 sometime in the afternoon. Recipients who opened these emails containing a shared google document from someone they knew, were prompted to give the sender access to their Google contacts list and Google Drive. During this process this allows the sender to use your contacts list to send more emails to your contacts. While the phishing email came from what looked like a legit email from a trusted friend. The mail was sent from a fake address firstname.lastname@example.org Users were Bcc’d.
Google was able to disable the account and update their systems to block the address and are working on ways to prevent future attacks. The problem with phishing, spam, junk emails and others like them is the attacks are always finding new ways around filters, blocks and firewalls. System administrators are constantly updating their rules, blocks, and more to prevent these emails from reaching their mail servers.
Some tips if you ever receive a “phishy email”. Don’t click it even if it looks like it’s from a trusted sender. Even some of the most basic emails containing things like password reset links or fake invoices can be dangerous. These are known as spear phishing. One you click the link it can run programs in the background or be lured into turning in your usernames or passwords attempting to recover your account you never lost access to.
Shutdown: One of the quickest ways you can prevent this attack if you were to open a phishing email is to shut down your PC, disconnect your Ethernet cable and/or disconnect from wireless. This will stop any form of network activity on your PC.
Two Factor Authentication: One of the biggest forms of security you can add to your account is known as multi-factor or two factor authentication. Typically it’s a generated code that’s sent to your phone via text or application. This will prompt you to enter the received code from a unrecognized computer. You enter the one time code and this is the best form of protection if a hacker is attempting to get into your account with your password.
Password Policy: Another way to secure your accounts is to change you passwords often and ensure they meet the requirements of a good strong password. Hackers will run programs that will force their way into user’s accounts by trying typical passwords. They have programs where you can store your passwords securely in case it would be hard for you to remember a password you need to change often. My personal favorite is Last Pass. It’s also good to change your password in case someone is already accessing your account and you’re unaware of it. The most common culprit is Facebook until they post something on your account posting as you.
Reporting: Another great form of protecting yourself especially in a domain environment is reporting these emails. If it’s a personal email account they typically have a button in your inbox to report the email as spam, phishing, etc. If it is your company email account you can forward the email to your IT support or call them to let them know you received an email that seems untrustworthy and they can guide you through how to properly handle the situation. A lot of the time you may notice emails from your IT support warning you about any sort of network breaches, unsecured emails and other things that should be reported when they occur.
If you’re interested to read more regarding what happens if you are in a situation where a hacker gets into your personal files/information you can find our blog post called Ransomware Prevention 101 this goes hand in hand with this blog topic of the week. At Datahal LLC we are experts in dealing with all kinds of email security, phishing attempts, spam filtering and more. We can provide solutions to protect you and your identity. If you have any questions or inquiries about what you can do to start protecting your company or home network let us know, we are happy to help.