Weak passwords are becoming a serious threat to every connected individual and organization because malicious attempts to gain access to web-based services are steadily increasing.
Earlier this month, Dropbox accounts were hacked due to weak passwords and it appears that Gmail accounts have been under a similar assault over the last few days.
If you recently received an unexpected email from a friend or colleague’s Gmail account requesting Dropbox access, that message was likely a phishing attempt to get you to login to a fake Dropbox site in order to steal your account information. Marathon has worked with AppRiver, our email filtering provider, to help block this email going forward, but it stands as a reminder to always be cautious when receiving unexpected emails.
If you have a personal or business Gmail/Google Apps account or Dropbox account, we strongly recommend changing your passwords immediately.
Start to Develop Your Email Spidey-sense
If you ever receive an email that seems suspicious to you, contact your IT provider immediately so that they can investigate the safety of the message. If you receive an email that you know for sure is SPAM, please forward it to your email provider so it can be added to their filtering rules.
Before clicking on links in any email, hover your mouse cursor over the link for a few seconds. Your email client will open a small text box showing you the true link text. An email is likely malicious if the link is pointing to a website that is unrelated to the message content. You should close the email and report it immediately.
When in doubt, if you’re asked to change your password for any website, do not click on a link in an email to do this. Instead, you should manually type the site address into your browser.