Gone are the days when malware simply rendered a computer useless or deleted files. Instead of creating malware to show off, hackers are now in it for the money. Because of this, most malware these days are designed to collect personal information, such as user names and passwords. Cyber-criminals leverage this information to hack accounts, such as email, Twitter and Facebook accounts, to spam your friends.
But the real jackpot is when hackers can trick you into giving up your banking information or credit card numbers. When that happens, they can drain your money, at least until you block the accounts.
The main way online thieves get these credentials is through “phishing,” or sending out emails that look exactly like official emails from your bank, credit card company, PayPal, Amazon or other online companies or services.
Falling for these scams can be detrimental to individuals, but they are even more harmful to businesses. If one of your employees gets fooled by phishing and inadvertently gives up the credentials for your company’s accounts, the results could be disastrous. Here’s how to detect phishing emails and make sure that you don’t get hooked.
Read the rest of the article at The Mac Security Blog.
I bought 1Password for my parents specifically to help avoid this type of phishing. Indeed, I got a call from my mom soon after I set up 1P for her because she said it wasn’t working right. What had actually happened was that she’d gotten a realistic phishing email, clicked to the fake site to log in, but 1Password wouldn’t automatically enter her login information (because it didn’t have credentials for the real address of that site).
Nothing’s perfect, however. I discovered two years later that my mom didn’t understand that 1P auto-entered everything, so whenever she went to some site she was manually entering her email address before invoking 1P to fill in the password.
I bought 1Password for my parents specifically to help avoid this type of phishing. Indeed, I got a call from my mom soon after I set up 1P for her because she said it wasn’t working right. What had actually happened was that she’d gotten a realistic phishing email, clicked to the fake site to log in, but 1Password wouldn’t automatically enter her login information (because it didn’t have credentials for the real address of that site).
Nothing’s perfect, however. I discovered two years later that my mom didn’t understand that 1P auto-entered everything, so whenever she went to some site she was manually entering her email address before invoking 1P to fill in the password.