- Visit our refreshed to manage Security Check-Up your account security.
- Set up two-factor authentication to add an extra layer of security, in addition to your password
- Don’t reuse the same password for important accounts, and don’t share passwords with anyone!
- Check your account recovery information and add a phone number or other contact info. This enables us to help you in case you get locked out.
- Be mindful of all software or applications you install on your computer and phone.
General security tips talking points
- How to tell your account might have been hacked
- How to protect yourself from account hijacking Use a strong, unique password
- Know the telltale signs of phishing (most hijackers get into accounts through phishing) — Most of us think we’re too smart to fall for phishing, but our research found some fake websites worked a whopping 45% of the time. On average, people visiting the fake pages submitted their info 14% of the time, and even the most obviously fake sites still managed to deceive 3% of people. Considering that an attacker can send out millions of messages, these success rates are nothing to sneeze at. When in doubt, visit websites directly (not through a link in an email) to review or update account information.
- Report phishing messages in Gmail
- Upgrade your account to 2-step verification – Our free 2SV service provides an extra layer of security against all types of account hijacking. In addition to your password, you’ll use your phone to prove you’re really you. We also recently added an option to log in with a physical USB device.
- Update the recovery options on your account such as your secondary email address and your phone number
Google Security Check-up tool allows you to review your accounts security settings.
Don’t be a phishing victim. Learn how to spot the scams during Safer Internet Day
Most of us know someone who has had an online account hijacked. It’s bad enough if this happens to your social media or email accounts, but if its your bank account, the results can be devastating.
For this Safer Internet Day, we’re encouraging everyone to boost their smarts with these four tips on how to spot a phishing attempt:
- Check the URL in the address bar. It might look right in the email, but it could take you scam site designed to steal your personal details. Also check for ‘HTTPS’ in the address bar which means the site is secure.
- Always check the sender’s email address. Does it look right to you? Phishing emails will often contain spelling mistakes and other irregularities.
- Recognise scare tactics. Genuine sites never use scare tactics to get you to enter your username, password or credit card numbers. This is a red flag that the site may not be genuine.
- Always check the spelling. Even though phishing can be sophisticated, hijackers are not always great spellers. Typos on a website or email could indicate that they are not the real deal.