How to Keep Yourself Safe in Light of the Google Docs Phishing Scam

In light of the recent Google Docs phishing scam, we wanted to talk about something slightly yawn-inducing but extremely important.

Internet security.

We hate to talk about it, but we all know it’s a serious threat.

A threat to:

• Your credit card and bank information
• Your passwords
• Your emails
• Important documents
• The functionality of your devices

There are some simple mistakes we all make without a second thought that can put everything at risk.

Aaron Parr, internet security consultant, explains,

“The minute you start adding in outside influences — even something as simple as a flash drive into your USB port — there’s the chance of that something will come in and slow your device down, steal your information, crash your computer, and so on.

But what’s the use of having a computer that’s only good for playing a good round of minesweeper?

So, think of internet security as a balancing act. We have to have access to information, which means we have to be connected to an outside source. But, the more we do that, the more holes we open up (for bad stuff to come through).”

Here are some easy things you can do to prevent all that bad stuff from infiltrating your life.

1. Don't connect to public wi-fi

Lenny Bencie, a global security consultant, goes as far as saying, “Falling victim to public Do not connect to any public wi-fi, especially if it’s not a secure network.

Instead, use your phone as a hotspot, or buy a tablet that connects over the mobile network.

Why?

The network can be infiltrated by a third party. It’s not actually that hard to do, what with there being YouTube videos showing exactly how to do it.

In simple terms, traffic is intercepted between your device and the public wi-fi by making your device think the hacker’s machine is the access point to the internet. When it’s not.

Hackers will also boost a strong wi-fi signal with a similar name of the network you’re trying to connect to. For example, you might see a network that’s called “Holiday Inn,” and there’s another one called “Holiday Inn West Side.”

The West Side one has 5 bars, while the other only has 3. It’s easy to just click on the one with the stronger signal and not think twice. But, it could be a hacker in his creepy van that is now monitoring everything you do on your device.

Wi-Fi’s dangers is a question of when, not if.”

The safe thing to do is to always use your own internet signal. Better safe than sorry.

2. Don’t send sensitive information via email

It’s really tempting to send important information by email, but here’s the sad truth:

1 in 4 emails gets hacked.

It is of PRIME important that you don’t send any important information via email, and that includes:

1. Tax forms
2. Travel itineraries
3. Passwords
4. Invoices
5. Scanned IDs
6. Insurance information (!)
7. Photos (especially scandalous or sensitive ones)
8. Personal conversations (remember what happened to Ryan Holiday?)

Hackers can use any of this information to quite literally ruin your life. They can leak sensitive information and steal your identity while they're at it.

Our emails are also connected to everything. Think about it. Your email is probably interconnected to many of the following:

• Your bank account
• Facebook
• Twitter
• LinkedIn
• Instagram
• YouTube
• Google Drive
• iCloud
• DropBox
• Amazon
• PayPal
• Netflix
• Uber
• Online retailers
• And, oh my gosh, the list goes on!

When your email gets hacked, it’s not just about the sensitive information that’s in your inbox. It’s about everything else that it’s connected to.

In fact, if a hacker gets into your email, they can easily open up a bank account in your name, take out a loan, and ruin your credit rating in a matter of days.

That’s why the next step is extremely important.

3. Create secure passwords

I’m guilty of it. Creating passwords that are simply easy to remember. However, we live in a world now where you don’t actually have to remember your passwords.

Password managers can create really complex passwords that make it very hard for people to hack into your accounts.

There are a lot of options, and here are a few:

• Dashlane
• LastPass
• LogMeOnce
• 1Password

It makes it easy to choose different passwords for everything, and the apps remember the information for you.

Parr explains, “At the very least, you want to have different usernames and passwords for everything. That way, when (not if) a hacker gets into one of your accounts, they won’t get into everything.”

It’s very easy for a hacker to throw every word in the dictionary at a system. It’s also easy to fire off every word in the dictionary and every one or two digit number after that word. So, if your password is “dogs24,” there’s a really good chance that a hacker will get into your account with no trouble at all.

If a hacker does what’s called brute force cracking, the hack will start with the letter “a.” Then, it’ll go through the alphabet. Then, it’ll start over and go “aa,” “ab,” and so on. Then, it’ll start over and add a third letter: “aaa,” “aab,” and so on.

So, after it runs all of the lowercase letters out to maybe 27 characters, then it has to go to capital letters.

Now, if you add a number into your password, it has to go back through lowercase letters, uppercase letters, and numbers.

Then, if you add a special character, the hack has to go through lowercase letters, uppercase letters, numbers, and special characters. You can imagine that the number of possible combinations is an extremely large number.

Every time your password gets longer, and every time you add another variable into it, the hacker has to do that many more combinations.

However, it’s more important to have a longer password than it is to have a complex password.

Check out this chart:

Now, it is from 2014, so hacking might be faster than it was before, but you can see how drastic of a difference it is to make your password just one character longer. When you move from 13 to 14 letters, you make your password secure against a hack for a least a century. Now that’s really something.

Parr explains that patterns can make it easy to remember a really long password, and a hacker can’t detect patterns. All a hacker knows is if they’re right or wrong. So, even if they’re one letter off, they have no clue that they’re close.

To calculate how secure your password is, the character set is raised to the power of the password length.

So, for example, if you’re just using lowercase, uppercase, and numbers 0-9, that would be 62 raised to the power of the length of the password.

So, the longer the password is, the better off you are. Longer will always trump complexity.

When you do both together? You’re basically impenetrable.

4. Question everything

Phishing and hacking attempts are starting to look scarily legitimate.

Gone are the days when you get an email from Raj asking you to give him your bank account number so he could put $10 million in there.

Now, we get texts like this:

And we unknowingly call the number, give up our account information, and get hacked.

The recent Google phishing scam was creepily real-looking, too. If you didn’t notice the strange email address it was coming from, everything else looked really legitimate.

If you get a text or email asking you to verify information or click a link, be very suspicious and avoid it at all costs.

Some easy ways to verify their credibility is to look at the phone number that’s contacting you or the email address that it’s coming from.

In any case, be wary of these emails and assume the worst.

There’s a lot of other things you can do to prevent getting hacked, but these simple steps should keep you covered.