WHAT IS PHISHING?
First of all, let us see what the phishing attack is. It is a fraud where the offender tries to steal your username, password, credit card information, all the while disguising as a trustworthy contact when we are talking about electronic communication.
The Gmail Phishing Attack
Hackers hacked many Gmail accounts through phishing attacks. The news made headlines, and the attack turned out to be a phishing scam.
A phishing attack is in the form of a document or an email from the account of a trusted friend, and it would urge you to download and view the material. It is being called a sophisticated scam for it was hard to judge for anyone that it could be a potential phishing attack.
When you open and download the document, then the fake mail attacks your system. This time in the phishing attack, the criminal went a step further and let out 100s of worms on the computer to find your trusted contact, and these worms multiplied many a time with just one click of the user.
More than a billion users were affected by this phishing attack.
Google even let out a warning that the users should not open any such link, but those who were victims got their entire email history lost in the hands of the offenders. All their data, both sent and received was into the hands of the phishing attack offender.
This phishing account could reset the passwords of your email and enter your online banking app.
One’s Amazon app which has the entire history of one’s shopping and payment details of each purchase was now in the hands of the cybercriminals. All cards stored on Amazon were at risk and risk was also your Facebook.
What Is Google Doing To Stop Phishing Attack?
Google senior writers commented that they closed the whole phishing campaign within one hour, the contact information in case of many users was lost, but no other data was exposed.
Google was working hard at stopping the crime, but criminals had found a new and innovative way to hack and get into not only Gmail but also Facebook and Amazon.
The Google employee also said that password and user names have a market now, and they are being sold and bought for not even a lot of money, and this is a flourishing business.
Email Users Must Avoid These Mistakes
Gmail users also do not stop making the same mistakes that Google has warned them against many times and these mistakes are: –
- Saving your login information on the phone
- Saving the login and password information on the phone of a family member.
- You should only commit passwords to memory; otherwise, it is more or less like you are giving your password away.
- One should always be logged out after using Gmail. Once you log out, you are at a lesser risk. If you do not log out, then your password is saved and then it can be hacked by anyone with the slightest knowledge of hacking.
- Change your password every after 3 to 6 months.
Moreover, He or she does not even need to be a hacker if your login information matches your name, your nickname or any information related to your family. Do not be so easy to hack.
Continuing with Google phishing scam, Google has said that the phishing attack has been solved and sorted and now users do not need to take any other action in this regard. But, if you have been affected and want to be double sure, then there is always Google security check and changing your password.
What Is MIT Phishing Attack?
Similar attacks seem to be happening at MIT. These were emails which were claimed to be coming from MIT network group or email account team, but the moment you are asked to confirm your email and password, you should know that you should not click on the email or open it. Once you open the email, you’ll see poor grammar, poor sentence construction and you’d see that an MIT authority has not signed the email.
If you are still unsure, you should call on the given number only to realize that it is a fake number.
Moreover, if there is a mail from MIT, they would not ask to deactivate your account unless you complied with the things written in the letter.
Most of the time, criminals cannot hide their threatening language, and that would start showing in the mail. The email would sometimes even mention inside that it is not a phishing mail.
That is because they will leave no stone unturned to make sure you open and respond to the mail, and the phishing agents would use the awareness about phishing emails to lure and dupe you, but the letter would be very obviously not from the authorities.
MIT Assistant Professor said that phishing is sending you an email where the offender uses a name reliable to you to steal your personal information. This competent person could be your bank, MIT, someone you know through Facebook, your business partner, and heck your mom.
39% of phishing emails get opened, and 10% can steal the right amount of information from you. So, phishing is a genuine threat. The primary culprits are fake PDFs, fake bills, mail delivery failures, and locked accounts.
Do This Before You Open Received Phishing Email.
1. You should slow down
2. You should take a closer look
3. You should pick up the phone to call the sender.
Do not jump into doing what the mail says. The criminals would try and create a sense of urgency because they do not want you to figure out that it is a phishing mail. The criminals have less time, but you have time to get into the details, and you should do that.
Do not worry; your account would not get deactivated in such a jiffy; apply your rational mind.
MIT allows you to report a phishing mail, so send the mail to the address firstname.lastname@example.org and if the attack has been successful and you have given your data then contact the IT desk ASAP.
You could also report a phishing email when you have received a Google email which is a phishing attack. In this case, go to Google, go to Gmail, click the more button, click down and you’ll see an option of report phishing.
If the sender has an email address, you should report that too. You should always check if the Email id and the sender’s name match.
Check for authentication of the Google account, if you see a URL then hover over it for a fraction of a second and see if the link name and the link description match too.
Never click on the link even by mistake, or it would redirect you to a new site which is the phishing site which would steal all your data related information. There is another way to save yourself from a phishing attack.
If you see any of your old passwords in your phishing email, then you are being threatened that your password has got stolen, but do not panic and go about the business to change that password in each place of use.
Make Your Google Account More Secure.
- Two-way authentication where you’ll need a certain password and the second layer of protection such as a security token, biometric factor, or facial scan. So even if the first step towards hacking has occurred, the second step is still not and will not be that easy.
- Password rules and regulations wherein having a password that should be eight characters long; a criterion such as one alphabet, there should be numerals, special characters, and one capital letter.
So, before your password is stolen and changed, you have the last chance to change the password and save your account. These phishing bullies are born Einstein the way media perceives them.
This praise means nothing but the fact that these cyber bullies are very smart. It is cyber hygiene and cyber health at stake.
The terms cyber security, digital safety, and data privacy all are under scrutiny.
MIT is one leading company which covers cybersecurity and the future of computing. The answer that is coming out most is that AI can help with cases of phishing. What phishing does is lock down computers and hold back that information and not release it till the time cryptocurrency or money is released.
So, it is not like there is no way out of it, but bleak guys are painting a gloomy picture of what is going on in the world of cyber-security.
There should be more educational campaigns about how not to click on any harmful or seemingly malicious links, plus do not get greedy, do not panic and do not hurry to claim bonuses or awards. This email could be a phishing attack.
You may also like to read.