Remember when we discussed the increasing prevalence of sneaky phishing attacks? Well, it appears that Google users are now the prime target.**Sign up for Kurt’s FREE CYBERGUY NEWSLETTER with security alerts, quick tips, tech reviews, and easy how-to’s by clicking here**We haven’t encountered this particular attack before. Although this email may appear legitimate with the Google logo, it is actually a phishing attempt. It’s crucial to scrutinize every email thoroughly before clicking on any links.Let me explain what this phishing attack entails and provide you with some tips to avoid falling victim.What does this latest phishing attack do?I recently came across a disturbing security-related phishing attack impersonating Google. The fraudulent email claims that the recipient’s device is infected with a virus and urges immediate action. It tricks recipients into clicking on a malicious link that supposedly offers a solution for removing the virus. However, this link is deceptive and poses serious risks to online security.Notice that the senders of this message, indicated by the email addresses , are not from Google at all. (Screenshot by Kurt Knutsson)We contacted Google for further information since this phishing attempt differed from previous ones we had seen. Here is the response we received from a Google spokesperson:”We advise caution when reading emails from individuals claiming to be authoritative sources. Unfortunately, unscrupulous individuals occasionally exploit the Google brand for scams and frauds. While Gmail’s advanced protections block more than 99.9% of spam, phishing, and malware, we encourage users of any email service to follow these three best practices to avoid falling victim to scams:1. Slow it down. Scams often create a sense of urgency. Take time to ask questions and think it through.2. Spot check. Conduct additional research to verify received information. Does it make sense?3. Stop! Don’t send. Reputable individuals or agencies will never demand immediate payment or personal information.” I recently came across a disturbing security-related phishing attack impersonating Google. The fraudulent email claims that the recipient’s device is infected with a virus and urges immediate action. (Kurt Knutsson)How else can I protect myself from phishing scams?Google’s advice provides valuable guidance that applies to all phishing attempts, whether the attacker claims to be from Google or not. I have a few additional suggestions to help you further protect yourself:#1 tip: Use antivirus software: Investing in antivirus software is one of the best ways to protect yourself from phishing scams. With antivirus software running on your devices, you can avoid clicking on malicious links or downloading files that could expose your device to malware and potential data theft. Check out my expert review of the best antivirus protection for your Windows, Mac, Android, and iOS devices at Cyberguy.com/LockUpYourTechVerify the sender’s email address: Carefully review the sender’s email address, as scammers often use slight variations or mimic legitimate sources. If the email address appears suspicious or unfamiliar, avoid clicking on any links or providing personal information.Avoid clicking on links directly: Instead of clicking on links in emails, hover over them with your mouse to view the actual URL. If the URL doesn’t match the supposed source or seems unusual, refrain from clicking.Be cautious with email attachments: Don’t open attachments from unknown or unexpected sources, as they may contain malicious software. If you weren’t expecting an attachment or don’t recognize the sender, verify its legitimacy before opening it.Enable two-factor authentication (2FA): Whenever possible, enable 2FA for your online accounts. This adds an extra layer of security by requiring a second form of verification, such as a unique code sent to your phone, in addition to your password.Be cautious with personal information: Exercise caution when sharing sensitive information online, especially if it’s unsolicited or appears suspicious. Legitimate organizations rarely request personal details via email.For more of my security alerts, subscribe to my free CyberGuy Reports Newsletter at Cyberguy.com/NewsletterReport suspicious emails: If you receive a suspicious email claiming to be from a specific organization, report it to that organization’s official support or security team so they can take appropriate action.Educate yourself and others: Stay informed about the latest phishing tactics and share this knowledge with friends, family, and colleagues. Awareness is a potent tool in preventing scams.Keep software up to date: Regularly update your operating system, web browsers, and antivirus software to ensure they can detect and prevent the latest threats. Check for updates in your device’s settings app for software updates, and visit your device’s App Store or Google Play Store for individual app updates.iPhone: To check for software updates on your iPhone, open the settings app, tap on General, then tap on Software update. To check for app updates, open the App Store, tap on your profile picture, and scroll down to see if any updates are available.Android: Software update settings may vary depending on your Android phone’s manufacturer. To check for software updates, open the Settings app, tap on System, then tap on Advanced and System update. On some devices, you can simply scroll down and tap on Software update. If a software update is available, tap on download and install. To check for app updates, open the Google Play Store, tap on the three horizontal lines, then tap on Manage apps & Device to see if any updates are available. Whenever you receive an email, use your best judgment before clicking links or opening attachments, especially if it’s from an unfamiliar sender. (Kurt Knutsson)TWO APPS ON GOOGLE PLAY STORE PUTTING MILLIONS OF ANDROID USERS AT RISKKurt’s key takeaways:Exercise caution when receiving emails, especially from unknown senders.Google continues to prioritize Gmail users’ protection against phishing attacks. Their data shows that they block over 99% of such emails.If you come across a similar email in your inbox, please report it as abuse (instructions here) to help improve their tools’ effectiveness in protecting users from these campaigns.What further measures do you believe are necessary to safeguard people from malicious phishing attacks? Share your thoughts by commenting below or contacting us at Cyberguy.com/ContactTo receive more of my security alerts, subscribe to my free CyberGuy Reports Newsletter at Cyberguy.com/NewsletterCopyright 2023 CyberGuy.com. All rights reserved. Kurt “CyberGuy” Knutsson is an award-winning tech journalist with a profound passion for technology, gear, and gadgets that enhance our lives. He contributes to Fox News & FOX Business, appearing mornings on “FOX & Friends.” Do you have a tech question? Get Kurt’s CyberGuy Newsletter, share your voice, suggest a story idea, or provide feedback at CyberGuy.com.
Reference
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
