Passwords have become one of the most important factors in today’s digital world. Every single person is required to have one if they want to have a digital footprint, receive and send emails, use social media platforms, to name some of the more regular uses. To commemorate this May 2 has been declared as the World Password Day.
Many people continue have very simple passwords like ‘123456789’ or even ‘their names’, as one recent report showed. If you are one of them please change your password immediately as a cyber-criminal can easily get their hands on your digital life. And if you are not one of those and are proud to have a password that will make every password box green and look small, we congratulate you. However, you still might face danger from a random phishing attack.
What is a phishing attack?
A phishing attack is executed by a person to fraudulently obtain sensitive information such as username, passwords and credit card details of another person. This is done by impersonating a trustworthy entity in an electronic communication. So for example, you might get an email that claims to be from Apple saying your password is urgently needed or your account will be locked. You click on the link and then enter your password, other details, which are then stolen by the hacker, because the email was never really sent by Apple.
Phishing is one of the most common scams on the internet as the other person believes the email to be true and then gives away all their information to the impersonator.
How to avoid phishing attacks? Google has a Quiz
Google has setup a quick quiz for this World Password Day, which you can take by clicking here. The aim of this quiz is to check users phishing-detection skills, while at the same time educating them on what kind of phishing attacks are happening around the world and how they can protect themselves from becoming a victim.
The good thing about this quiz is that shows various kinds of scenarios, in fact it shows the kind of phishing scams that actually worked and were used to fool governments, think tanks. Taking the test will show the range and depth of phishing scams that exist, and prepares a user on what to do when dealing with these kinds of emails in the future. It is a comprehensive test and some of the phishing emails seems legitimate.
While avoid phishing scams might not be that easy all the time, here are a few other tips that you can follow to be much more secure online:
Do not reuse your passwords. Many people use the same password everywhere because it’s easy to remember. However, this puts all of your accounts at risk if an attacker is able to even get a password for even a single one. If you feel it will be harder for you to remember so many passwords, we recommend that you use a password manager, which will also make your life simple by entering your email address and passwords automatically wherever you need them.
Utilise two-factor authentication wherever possible, as it keeps online accounts safe from most attackers because a second authentication is needed to access the account. This is due to the fact, that even if an attacker is able to get his hands on your secure password, they would still require a secret pin sent to your smartphone to gain unauthorised access to your accounts.
Finally, you can also take up an online security checkup by Google, which will give you personalised and actionable security recommendations to strengthen the security of your Google Account.
According to McAfee’s Chief Consumer Security Evangelist Gary Davis here are some other tips to keep in mind for securing your password.
First users should see if their passwords are exposed. Sites such as haveibeenpwned.com are useful to get this information if the password or passwords have been compromised in a breach and are available to bad actors. If so, the passwords should be changed.
Another tip is not to use common passwords or include simple personal details within passwords. This means birthday, family members’ names or pets’ names, which can be easily guessed. Instead it is better to layer up passwords. Passwords should always contain a variety of capital and lowercase
letters, numbers and symbols, according to Davis.