Every day, hundreds of millions of emails are sent with the intent of stealing passwords. Increasingly, these attacks target journalists: a 2014-2015 study by Newscycle Solutions found that 52% of news media companies were hacked or suffered a data breach -- and the most common type of attacks were phishing (59%).
In 2016, a wave of cyberattacks in the U.S. that breached high-profile targets including the Democratic National Committee, Colin Powell and Olympic gymnast Simone Biles, underscored the need for enhanced security.
As phishing scams become more sophisticated, fake login pages can trick you into giving your password to an attacker -- without even knowing it. An action as simple as a typo can land you on one, with only subtle cues such as an outdated Google logo or font to tip you off that it’s a forgery. That’s how fake login pages successfully steal passwords 45% of the time.
Once your password has been stolen, the attacker may use your email account to harm you by gathering personal information or emailing others and pretending to be you. The consequences can be devastating; stolen data has even been used to put journalists in prison.
Password Alert lets you know if you’ve been targeted by this type of attack.
Created by the Jigsaw team in addition to Google’s Security Engineering and Google for Work teams, Password Alert works like a spellchecker, except that instead of looking for typos, it looks to see if you enter your Google account password any place other than your account sign-in page.
If it detects that you’ve mistakenly entered your password on the wrong site, it immediately alerts you and prompts you to change it. If you’re positive that you’re on a legitimate site, you can choose to ignore the alert and continue without changing your password.
Rest assured that Password Alert will never store your password or keystrokes. Using a technique called “hashing,” it knows if you just typed your password without ever knowing what your password is.
To learn more about your privacy and Password Alert, read the FAQ on our support page.
To install this safety tool, simply visit g.co/passwordalert, which takes you to the Chrome Webstore page where you can download Password Alert.
Click Add to Chrome.
Then click Add extension. Password Alert will install in your Chrome browser.Once you’ve installed Password Alert, simply sign in to your Google account and it will automatically start working behind the scenes. To learn more about how Password Alert protects you online, visit the Jigsaw website.