Security Breach: Google Users Beware
Deep sigh. It seems we’re getting to the point that EVERYTHING is a deep fake. As many Google users have unfortunately learned, you can’t even trust your own eyes and ears when it comes to facing down today’s hackers.
Last fall, Gmail users received phone calls from Google (confirmed by caller ID) indicating their account had been compromised. The caller was professional, the line was clear, and the “engineer” had an American accent. The user was directed to check their email (for a code to reset their email. It came from a Gmail address and was not loaded with typos. Everything about the interaction seemed legitimate so they entered the code, clicked reset, and…
The hacker now had control of their account.
Cybersecurity experts are warning all users (not just Google) that these attacks are getting more sophisticated every day and when one doesn’t work, they just pivot and try a new tactic. The good news is, even as the attacks are changing, many of our old strategies to stay safe still work:
1. Stay calm. Don’t be rushed into giving away more than you should.
2. Just hang up. Google (or even your bank) won’t call you asking for passwords. If there is a legitimate breach, you can always call the main number or message the helpdesk for details and confirmation.
3. Check your history. Scroll to the Details link at the bottom right of your Gmail inbox to check the most recent activity. If you can see someone else accessed your account, you may have been hacked. Change your password immediately, log out, and log back in.
4. Use Google’s resources. Click the ? button at the top of the Gmail inbox. Here you can find articles and ask questions. Sadly, most incident types have happened before and someone else probably has a solution.
Unfortunately, Google can’t help with account recovery if someone steals your credentials and locks you out. (Once you click that “reset” button or provide the hacker with the information they need, the cause may be lost.) Make sure, therefore, to change your password often, log off your computer after use, and never ever give your password to anyone over the phone.
If you need technical support or would like to learn about our cybersecurity offerings, please contact our office at 877-559-4692.