Have you ever received a suspicious email from someone you know? It’s more common than most of us might imagine. That’s because when a hacker steals their victim’s email account, they use it to create more victims by sending out spam messages to users on the stolen account’s address book. It’s a major invasion of privacy, not to mention dangerous.
These messages frequently contain links to fake or “phishing” websites, which will be designed to resemble real websites but exist solely to either infect visitors with malware or pose as a location for people to “log in,” thereby unwittingly handing over their account info.
Naturally, some of those emails contain good old fashion infected files. As most of us live busy lives, downloading a file sent by a friend isn’t usually something we’d consider suspicious. But that’s exactly where it can start.
So how big is the problem and what can we do about it? Read on to find out.
The Infamous iCloud “Hack” and Phishing
If you recall 2014, you may remember reading about famous celebrities being “hacked” and having hundreds of their nude photos leaked onto the rest of the internet. Apple, apparently, was implicated in the incident because iCloud was where these photos were leaked.
But that’s only the face of the story. In reality, the iCloud “hacks” were actually the result of phishing emails targeted at celebrities. They exclaimed that there was a problem with their account and that they needed to submit their usernames and passwords. Amazingly, it worked.
Once the victims willingly handed over their logins, it was only a matter of time before their private information was exposed. Fortunately, this is one of the easier types of “hacks” to avoid in the email sphere.
Read any email that asks for information carefully: remember that companies never will ask for your username and password via email because they already have it! If you click a link in an email to visit a “login” page, check the URL address at the top of the page. It should be an exact match for the site. Facebook.com isn’t and will never be Facebook.login.com.
This brings up an important point about URLs; the part directly before the .com, .edu, .gov, or .net part is the actual host page. For instance:
- com vs Google.search.com
- google.com vs. google.scholar.com
The first one in each point above is still a part of “google.com,” whereas the second in each point come from an entirely different page. Learn to spot the differences; it can help avoid phishing.
Public WiFi Hacks
Another place people frequently get hacked is while using public, unsecured WiFi connections… (continued next page)