HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Pluvious » Journal
Page: 1


Profile Information

Member since: Sun Jul 11, 2004, 06:18 PM
Number of posts: 3,709

Journal Archives

Google Finally Confirms Security Problem For 1.5 Billion Gmail And Calendar Users

As a rule, one should own and maintain a "banking only" laptop, kept updated, with AV installed - and NEVER used for ANYTHING but accessing your crucial remote online accounts (brokerage, banks, NOT Facebook, Twitter etc).

NEVER used for email, nor apps, nor anything else but the web browser. Make no searches, nor click links or download things.

The sites you visit are never from clicking links, except bookmarks you've MANUALLY created.

Use the native browser, and no added plugins.

Passwords should be maintained in a secure offline password utility. Log into sites by only using the password utility, never save access info in the web browser.

How does the Google Calendar attack work?

Gmail users are finding themselves on the wrong end of a sophisticated scam which leverages misplaced trust through the use of malicious and unsolicited Google Calendar notifications.

Google Calendar allows anyone to schedule a meeting with you, and Gmail is built to integrate tightly with this calendaring functionality. Combine these two facts and users find themselves in a situation whereby the threat actor can use this non-traditional attack vector to bypass the increasing amount of awareness amongst average users when it comes to the danger of clicking unsolicited links.

Go to Page: 1