Phishing attacks, wherein scammers pretend to be legitimate companies in order to trick you into handing over sensitive information such as usernames, passwords or credit card information, are getting more difficult to spot. Even Google is susceptible to more sophisticated attacks, which have popped up everywhere from email attachments to shared Google documents.
Image credit: Leon Neal/Getty
If you're a Google Chrome user, you can more securely protect yourself from phishing attacks with a simple extension from Google itself. The company's Password Alert extension for Google Chrome aims to prevent phishing scams from compromising your account before you notice. If you have even the slightest fear someone might try to break into your account (which you should), this tool should be part of your arsenal.
Password Alert works by temporarily storing an altered, partially randomised version of your password in your browser. Every time you enter a password, the extension compares your password to its saved version, and checks if the site is a legitimate Google Sign In page. There's no keylogging, according to Google, meaning you don't have to worry about the extension watching you type to detect when you enter your password. Password Alert also works for multiple profiles on the same Google Chrome browser, so you can protect both your work and personal accounts.
If Password Alert detects a potential phishing site trying to get a glimpse of your personal Google account information, you'll get a prompt to reset your password to keep yourself protected, or an option to ignore the alert.
Password Alert is a much-needed extra level of security, especially if you've yet to pair your account with a two-factor authentication app such as Google Authenticator or Authy. Sure, SMS verification is a start, but there's always the risk that you'll get your number hijacked, and if that happens, you're pretty much out of luck.