E-Mail Phishing

Google warned on that hackers were launching targeted phishing attacks against hundreds of Gmail account users. Google says "the goal of this effort seems to have been to monitor the contents of targeted users emails", with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings. Gmail enables you to forward your emails automatically, as well as grant others access to your account, this may be the most useful aspect of  using Gmail but Google also took this opportunity to remind users about the value of enabling 2-step verification.

Here are a few simple tips that can help you avoid becoming the next victim of these attack methods:

• Keep your software up-to-date. Legitimate, high-traffic Web sites get hacked all the time and seeded with exploit kits. Take advantage of programs like Secunia’s Personal Software Inspector or Filehippo’s Update Checker to stay abreast of the latest security updates.
• Be extremely judicious about clicking links in emails. Try to avoid responding to invites by clicking links in emails. I notice that Twitter has now started sending emails when someone re-tweets your posts: Avoid clicking on those as well. It’s safest to manage these accounts by visiting the sites manually, preferably using a bookmark as opposed to typing these site names into a browser address bar.
• Pay close attention to what’s in the address bar: Checking this area can prevent many email-based attacks. Staying vigilant here can also block far more stealthy attacks, such as tabnabbing( Where a URL is opened to a new tab, which later reloads changing the URL address and yet displaying the true content of the page) .
• Consider using an email client, such as Mozilla’s Thunderbird, to handle your messages. It’s a good idea to have emails displayed in plain text instead of allowing HTML code to be displayed in emails by default.