Google has just forced me to change the password to all my Google sites. I was told there was a malicious attempt to gain access into my account and they suspected it wasn’t me. I changed my password and just went about my normal internet surfing when I came across a shocking news.
Google had began warning users of “state-sponsored attacks” — if Google detects malicious attempts to access your account, a prominent warning will appear at the top of your Gmail inbox.
According to CNET as well as Google, Scary, the warnings do not necessarily mean that the government-related hacker accessed your account. Instead, your account may have simply been targeted, and Google wants you to take extra security measures.
If this has happened to your account, Google would recommend you change your password. Just change it to something more secure.
Now that you have done that, there are few other things you have to take note when trying to access your Gmail account. There are some sites out there designed like Gmail that would prompt you to update your account for the sole purpose of getting your details. You have to follow some steps everytime to make sure your account remains secure.
1. Double-check your Gmail URL
In 2011, Chinese hackers were able to access user accounts of government officials by creating a fake Gmail login page. When the users entered their username and password, that data was sent straight to the hackers.
Unsurprisingly, the attack worked. The fake login page looked so similar to the authentic one that users were unable to tell the difference.
However, if people had taken a look at their browser bars, the address bar especially, they would have noticed it wasn’t the legitimate login URL. Make sure that everytime you want to login to Gmail that the URL for the Gmail login screen you’re using is https://accounts.google.com/
Note that it must be https and not just http.
Here is a photo of a comparison between a fake Gmail interface and the original one (click and viw the full size of picture to view):
2. Enable 2-step verification
You don’t have to wait until your account gets hacked before you secure it. Two-step verification remains one of the best ways to prevent third-parties from accessing your account.
With this feature active, Google will SMS your phone with a special code that you enter upon logging in. Meaning, the hacker would have to be in possession of your phone to access your account.
3. Know how to spot a phishing e-mail
Users fall for it often: hackers will send out e-mails masquerading as a company, like a bank or social network, with a link to a Web site that prompts them to enter password and account data.
Sometimes, these e-mails are filled with spelling mistakes and funky fonts. Other times, however, they’re well-written and easy to fall for.
A similar thing happened to me sometimes ago when someone pretending to be my Bank sent an e-mail that I should update my Account information, otherwise it would be inactivated.
I posted about this and how detected it was fake. You might want to read it here to learn a few lessons.
4. Always Keep your software up to date
As Google suggests, it’s important to keep your operating system, browser, and all plugins up to date. Aside from feature additions, the updates patch up any security holes that make your software vulnerable to attacks.
So the next time your browser or computer is telling you to update, please do it!
References:
www.cnet.com
www.forbes.com
www.google.com
HOPE THIS HELPS YOU!
Don't keep this to yourself, Share it with your friends with the Buttons below.
| Follow @cynamix |
Recent Comments