Fake Gmail Login Forms Were Used To Hack DNC Emails – Here’s What You Need To Know About Gmail Login And Password Security
Circle ID reveals that a new report confirms Democratic National Committee (DNC) emails were hacked by the Russian Federation using spearphishing techniques which involved creating fake Gmail login pages. With the fake Gmail login pages, Hillary Clinton’s presidential campaign, and the Democratic National Committee (DNC), which includes managing Clinton’s communications, travel, campaign finances, and advising her on policy were all hacked by the Russian Federation.
According to Naked Security, it is likely that both fake Gmail login pages and a fake security alert urging individuals with DNC emails to change their login information were how the emails got hacked. With the fake Gmail login pages, the user inputs his/her email address and password. The fake Gmail login page stores this information and uses it to hack into the account.
The fake security alert encouraging individuals to take their Gmail login information works the same way. Again, the database stores the information and uses it to hack the accounts.
Because the fake Gmail login page and security alert email look to be authentic, the individuals logging into their accounts or changing their login information do not realize the information is being collected by a hacker.
Unfortunately, fake login pages and fake security alerts are spearphishing techniques a lot of hackers use to hack into the emails of people all around the world. While this made news because it was DNC emails being hacked, this is something that can happen to you.
Keep reading to learn everything you need to know to make sure you don’t fall victim to fake login pages or fake security alerts that could compromise your email account.
- Avoid Spam or Phishing Emails
Emails that say things such as “you have money waiting” should never be opened. In fact, you should avoid opening any email that comes from an address you do not recognize. You can’t get scammed by an email you never open.
- Keep Your Contact Number Current
Gmail and most other email providers offer the option to include a contact phone number for security reasons. This way you can recover your email and change your login information after being hacked. It is a way of proving who you are. Periodically you should make a habit of logging into your email account and checking your contact information to make sure it is all current.
- Establish a Recovery Email
It is a good practice to have more than one email address. Ideally, you should even consider getting an email from multiple providers. If you have a Gmail address, you should consider getting a Yahoo (or other provider) as a backup. As the name suggests, your recovery email can be used to recover a hacked email account as well.
How Do You Avoid Fake Login Pages And Security Alerts?
When it comes to security alerts about the need to change your login information, you should just go to your provider’s website and try to login to your account anyway. If there is a security need to change your password, your provider will request you to do so when you try to login to your account. Avoid clicking a link through your email that has requested you change your account.
To be clear: Podesta found his phone soon after. Here's @sheeraf's reporting on the more likely cause of the hack. https://t.co/ejcSZNp2JQ
— Stephen Adams (@_Stephen_Adams) October 24, 2016
Always double check the URL of the page you are on before logging in to your account. This way you can make sure that you have not been redirected to a fake login page trying to store your information to be used to hack your account at a later time.
What do you think about learning the DNC emails were hacked using fake Gmail login pages and fake security alerts? Are you surprised to learn this hacking method is how it happened? Share your thoughts in the comments below.
[Featured Image by Alexey Boldin/Shutterstock.com]
