Last week we introduced you to the concept of Social Engineering - manipulating people’s trust to gain confidential information. Phishing is a type of social engineering that can also be targeted towards businesses. We recommend you educate yourself and your employees to safeguard against this threat.
Recognize the signs
Phishing is a technique used to obtain personal information. The most common way a phisher obtains this information is through a spam email which appears to come from a legitimate source (e.g. a bank, a credit card company) requesting certain action to be taken. The email will usually have a link which will lead to a fraudulent web page and may have a form requesting you to enter personal information.
What many small businesses don’t realise is that phishing can happen over the phone, too (called ‘vishing’). In this type of scam the ‘phisher’ will try and get the information they want over the phone by making some kind of false claim (e.g. your IT department has requested you update your security software). Once the caller has gained the consumer's trust, they may ask the person on the phone to log onto a website to download a file to help solve the problem. The file may be infected with a virus which would give the Phisher access to your personal information.
Once scammers have 'phished' out your information (or potentially even customer information), they could use it in a number of ways. Credit cards could be used for unauthorized purchases, or information might be gathered for an identity theft scam.
Keep your Google account secure
As a Google product user, remember Google does not send emails asking you to update your personal information. We also never call customers asking for their passwords or requesting they download any programs. If you think you've received a phishing email that's trying to trick you into thinking it is from Google, don't reply to the email itself. Instead, report the phishing email to us.
To add an extra layer of security to your Google account, you can enable 2-step verification (and see video below). You will enter a code from your phone, as well as your username and password - when you sign in. If someone steals login information through phishing or social engineering, the potential hijacker still won’t have access to your phone.
For even more tips on keeping your business safe online, check out our Good to Know website.
Posted by Katrina Blake, Risk Analyst
Showing posts with label Online security. Show all posts
Showing posts with label Online security. Show all posts
Friday, April 13, 2012
Tuesday, April 3, 2012
A fast, accurate, and affordable way to do online market research
From international brands to local food trucks, every business wants to make important decisions with their customers’ feedback in mind. Which version of your new logo will people like better? How much interest do dog owners have in organic dog food? Is your brand awareness growing over time?
We now have a new option for companies looking to answer these types of questions and more: Google Consumer Surveys. Whether you’re a Fortune 500 company or a local bike shop, Consumer Surveys makes market research fast, accurate, and affordable.
You can create an online survey in minutes, have responses within hours and fully analyzed results in days. We do all the heavy lifting for you, finding interesting nuggets of information (or “insights”) and providing you with tools for digging deeper.
Here’s how it works: people browsing the web come across your questions when they try to access high quality content like news articles or videos. Answering the question gives them near instant access to the page they want. All responses are anonymous; they aren’t tied to users’ identity or later used to target ads. This provides an alternative to the traditional paywall model: site visitors don’t have to pull out a wallet or sign in, publishers get paid as their site visitors respond, and you gain insight into what people think -- for just $0.10 per response for the general US population or $0.50 per response for custom audiences.
We’ve already been working with a number of companies researching everything from online shopping behavior (Lucky Brand Jeans) to gluten-free baking mixes (King Arthur Flour), and using Consumer Surveys to track brand awareness (Timbuk2) and inform product development (479 Popcorn). Check out google.com/insights/consumersurveys to learn more.
Posted by Brett Slatkin, Software Engineer
We now have a new option for companies looking to answer these types of questions and more: Google Consumer Surveys. Whether you’re a Fortune 500 company or a local bike shop, Consumer Surveys makes market research fast, accurate, and affordable.
You can create an online survey in minutes, have responses within hours and fully analyzed results in days. We do all the heavy lifting for you, finding interesting nuggets of information (or “insights”) and providing you with tools for digging deeper.
Here’s how it works: people browsing the web come across your questions when they try to access high quality content like news articles or videos. Answering the question gives them near instant access to the page they want. All responses are anonymous; they aren’t tied to users’ identity or later used to target ads. This provides an alternative to the traditional paywall model: site visitors don’t have to pull out a wallet or sign in, publishers get paid as their site visitors respond, and you gain insight into what people think -- for just $0.10 per response for the general US population or $0.50 per response for custom audiences.
We’ve already been working with a number of companies researching everything from online shopping behavior (Lucky Brand Jeans) to gluten-free baking mixes (King Arthur Flour), and using Consumer Surveys to track brand awareness (Timbuk2) and inform product development (479 Popcorn). Check out google.com/insights/consumersurveys to learn more.
Posted by Brett Slatkin, Software Engineer
Wednesday, February 8, 2012
Protect your passwords, protect your business
Managing your business, even if it's a real-world store with a physical address, is increasingly moving into the online space. With that comes the need to maintain good online security practices to protect both your own information and that of your customers. Behind your password lies a wealth of data that can be very interesting to your competitors and criminals. You should see this data as a commodity, just like the product you are selling. And just like your product, you don’t want it to fall into the wrong hands.
Here’s what you can do to help protect your business online:
Use strong, unique passwords. Cyber-criminals use sophisticated tools that can rapidly decipher passwords. Did you know that one of the most common passwords is actually ‘password’? It’s recommended to use a password with a mix of letters, numbers, and symbols. Create a unique password that's unrelated to your personal information. For example if you sell flowers, don’t have ‘flowers’ in your password.
Memorize your passwords or keep them secret. Would you leave the key to your office in the door when you leave? Obviously not. Yet many people leave notes by their desks with their most used passwords or leave their screens unlocked. This leaves the door to your systems available to be unlocked by anyone who discovers its passwords. If you have to write down your passwords, keep them in a secret place. If you have to save your passwords on your computer, avoid giving the file an obvious name, such as ‘my passwords.’
Don't re-use passwords for important accounts, especially important accounts like email and online banking. Re-using passwords is risky: if someone figures out your password for one service, that person could potentially gain access to your private email, address, and even your money.
Add extra security. If you have a Google Account, you can install 2-step verification which will add an extra layer of security by requiring you to have access to your phone--as well as your username and password--when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can't sign in to your account because they don't have your phone.
Run regular anti-virus scans. If you get malware on your system, it may be programmed to look for passwords either typed in or saved. And it doesn’t hurt to change your passwords every once in awhile too.
Share these resources with your colleagues to help keep them safe and secure online:
Posted by Katrina Blake Buffini, Risk Analyst
Here’s what you can do to help protect your business online:
Use strong, unique passwords. Cyber-criminals use sophisticated tools that can rapidly decipher passwords. Did you know that one of the most common passwords is actually ‘password’? It’s recommended to use a password with a mix of letters, numbers, and symbols. Create a unique password that's unrelated to your personal information. For example if you sell flowers, don’t have ‘flowers’ in your password.
Don't re-use passwords for important accounts, especially important accounts like email and online banking. Re-using passwords is risky: if someone figures out your password for one service, that person could potentially gain access to your private email, address, and even your money.
Add extra security. If you have a Google Account, you can install 2-step verification which will add an extra layer of security by requiring you to have access to your phone--as well as your username and password--when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can't sign in to your account because they don't have your phone.
Run regular anti-virus scans. If you get malware on your system, it may be programmed to look for passwords either typed in or saved. And it doesn’t hurt to change your passwords every once in awhile too.
Share these resources with your colleagues to help keep them safe and secure online:
- Online security videos:
- Strong Passwords (also earlier in this post)
- Social Engineering
- Understanding Phishing
- Read these tips for staying more secure on the web, including:
Posted by Katrina Blake Buffini, Risk Analyst
Subscribe to:
Posts (Atom)