Be aware that there is another round of password phishing attacks and these are becoming more sophisticated

 

This particular attack sends you a bounce email and asks you to log in to view the bounced emails, the email even goes so far as to have a header which says “this is from a trusted sender”

The links take you to a tiny url / shortened link which drops you on a page with a generic login form.  Once logged in, you are redirected to the domain’s home page

 

As always, be incredibly vigilant about any links in emails – check them and don’t just follow them blindly.  If you land on an insecure page or a web page which doesn’t look like the usual login page, be cautious.  Always check that the web page is secure and that the certificate is issued in the name of the domain you’re expecting.

Finally, if in doubt, or if you have followed one of these links and entered your password details online then change your password immediately.

 

Never use the same password on multiple sites.  If one site is compromised, all sites that use that password have now also been compromised

 

Use a password management application such as 1Password or Dashlane so you can have lots of complex passwords and not have to worry about remembering all of them.



Sunday, November 4, 2018





« Back