We’ve seen a few cases of “phishing” scams over the last week or so. People are receiving emails with links that look like Dropbox or Google Drive links, but actually lead you off to a completely different website that is impersonating that service. (Don’t know what Phishing is? Check the Wikipedia definition)
Please be careful!
Before clicking a link, always:
- Hover over the link
- Check the actual destination of the link, which should be in the lower left of your window
You’ll notice in the screenshot above that although the link looks like Dropbox in the actual message, the real destination in the lower left is “amadabd.com”
Always check your link destinations.
What happens if you get caught?
If you have clicked one of these links, you’ve almost certainly been asked to log in. By doing so, you are giving the scammers your username and password. They are then accessing your account, sending out dodgy emails to your contacts list, and on it goes.
If you have been affected:
- Change your email password. Now.
- If you’re using Gmail/Google Apps, the scammers have also added some filters that are automatically sending a lot of your incoming email straight to the bin. To check, follow these instructions, under the “To edit or delete existing filters” heading. Delete any filters that you haven’t set up.
Note: if you clicked the link but didn’t then enter your username and password, you’re probably okay. We haven’t heard any reports to the contrary at this stage.
A safer option
Setting up “2 factor authentication” is highly recommended.
This works by sending a text message to your phone after you log in on a new device for the first time. So even if someone does manage to guess or steal your password, they can’t log into your account without having access to your phone.
If you’re on Google Apps, read about Google’s option here. We suggest you set this up if you can.