Phishing Attack & Compromised Password
If you suspect your accounts might be subject to a phishing attack or your password been compromised you need to take immediate action.
If it's a phishing attempt is suspected be double careful and closely observe items 1 through 3. If your password is suspect change it immediately and turn on two-factor authentication if the site offers the option.
- Be careful what you click. This one is obvious but it's easy to be drawn in by social engineering. It's always best to enter the web address yourself by either typing it directly into the address bar of the web browser or using a bookmark your previously created.
- Check the address bar for the correct URL. If you are expecting a secure HTTPS website for your bank, for example, make sure you see a URL beginning with https:// before entering your private information.
- Look for the padlock for secure HTTPS websites. A secure HTTPS website has a padlock icon (the text is usually green on secure sites) to the left of the web address.
- Change your password. Be sure to use a unique password or phrase for each suite that has no connection to you. See: Use strong passwords
- Consider using a password manager. We really like LastPass it is free and easy to setup and use. See: LastPass Free Password Manager
- Consider using two-factor authentication for foe an extra level of security. When you try to log into a website with two-factor authentication (2FA), there’s an extra step to make sure it’s you signing into your account. See: Two Factor Authentication