This new Gmail scam by hackers trying to steal your passwords is downright scary.
Lifehacker — a site dedicated to life tips, not actual hacking — says hackers are sending people e-mails that appear to come from friends in their address book.
The e-mails have attachments that look real, and when people click on them, they get taken to a Google sign-in page.
Thinking that they somehow got signed-out of their G-mail account, people are typing in their passwords to sign back in.
But they’re not realizing that the sign-in page is completely fake, and that they just gave a hacker their password. Giving a hacker your password gives them access to most of your accounts, including bank accounts, because it allows them to use the “forgot your password?” function to request your password, then change it.
How do you keep yourself from being scammed? These tips can help:
— If you use Google Chrome, make sure it’s updated to the newest version, which helps identify this scam.
— Don’t open attachments from someone if you’re not expecting an attachment from them and if it’s not very, very clear that the e-mail is actually from them.
— If clicking on an attachment brings you to a Google sign-in page, don’t type in your password. Just click the back button on your browser to get back to your Gmail.
— If you get to the Google sign-in page, you can also look at the start of the URL address to see if it starts with something like “data:text/htyml” instead of the standard “https://.”
Be safe. Please share this!