Google Adsense College

Posted by Ian Fette, Google Security
Team

This post is one of a href="http://googleblog.blogspot.com/search/label/security"
id="pxk:" >series devoted to online security. - Ed.

Millions of people have gotten "urgent" emails asking
them to take immediate action to prevent some impending disaster.
"Our bank has a new security system. Update your information
now or you won't be able to access your account," or
"We couldn't verify your information; click here to update
your account." Sometimes the email claims that something awful
will happen to the sender (or a third party), as in "The sum
of $30,000,000 is going to go to the Government unless you help me
transfer it to your bank account."

People who click on the links in these emails may see a web page
that looks like a legitimate site they've visited before.
Because the page looks familiar, these people enter their username,
password, or other private information on the site. What
they've actually done is given an unknown third party all the
information needed to hijack their account, steal their money, or
open up new lines of credit in their name. They just fell for a
phishing attack.

The concept behind such an attack is pretty simple: Someone
masquerades as someone else in an effort to fool you into sharing
personal or other sensitive information with them. Phishers can
masquerade as just about anyone, including banks, email and
application providers, online merchants, online payment services,
and even governments. And while some of these attacks are crude and
easy to spot, many of them are sophisticated and well constructed.
That fake email from "your bank" can look very real; the
bogus "login page" you're redirected to can seem
completely legitimate.

The good news is there are things you can do to steer clear of
phishing attacks:

Be careful about responding to
emails that ask you for sensitive information. You should be
wary of clicking on links in emails or responding to emails that
are asking for things like account numbers, user names and
passwords, or other personal information such as social security
numbers. Most legitimate businesses will never ask for this
information via email. Google doesn't.

Go to the site yourself,
rather than clicking on links in suspicious emails. If you
receive a communication asking for sensitive information but think
it could be legitimate, open a new browser window and go to the
organization's website as you normally would (for instance, by
using a bookmark or by typing out the address of the
organization's website). This will improve the chances that
you're dealing with the organization's website rather than
with a phisher's website, and if there's actually something
you need to do, there will usually be a notification on the site.
Also, if you're not sure about a request you've received,
don't be afraid to contact the organization directly to ask. It
takes just a few minutes to go to the organization's website,
find an email address or phone number for customer support, and
reach out to confirm whether the request is legitimate.

If you're on a site
that's asking you to enter sensitive information, check for
signs of anything suspicious. If you're on a site
that's asking for sensitive information — no matter how you
got there — check for the signs that it's really the official
website for the organization. For example, check the URL to make
sure the page is actually part of the organization's website,
and not a fraudulent page on a different domain (such as
mybankk.com or g00gle.com.) If you're on a page that should be
secured (like one asking you to enter in your credit card
information) look for "https" at the beginning of
the URL and the padlock icon in the browser. (In Firefox and
Internet Explorer 6, the padlock appears in the bottom right-hand
corner, while in Internet Explorer 7 the padlock appears on the
right-hand side of the address bar.) These signs aren't
infallible, but they're a good place to start.

Be wary of the "fabulous
offers" and "fantastic prizes" that you'll
sometimes come across on the web. If something seems too good to be
true, it probably is, and it could be a phisher trying to steal
your information. Whenever you come across an offer online that
requires you to share personal or other sensitive information to
take advantage of it, be sure to ask lots of questions and check
the site asking for your information for signs of anything
suspicious.

Use a browser that has a
phishing filter. The
latest versions of most browsers — including href="http://www.mozilla.com/en-US/firefox/" id="f846"
>Firefox, href="http://www.microsoft.com/windows/products/winfamily/ie/default.mspx"
id="jj0_" >Internet Explorer, and href="http://www.opera.com/" id="csp_" >Opera –
include phishing filters that can help you spot potential phishing
attacks.

All fairly simple, right? What it all comes down to is if someone
asks you to share personal or other sensitive information online,
take a moment to think through the request carefully. Doing so will
help you stay safe online, and help us all put phishers out of
business.

href="http://feeds.feedburner.com/~f/blogspot/MKuf?a=DKBjiG" > border="0" />

height="1" width="1" />

Tags: , Fette, google, Ian, post, Posted, Security, teamThis

Posted by Cynthia Schroeder, Google
Grants team

This week marks the fifth year of Google Grants. We're pleased
to report that more than 4,000 grantees to date have benefited from
approximately $273.3 million in free AdWords advertising — and
that's something to celebrate. Learn more about the history of
this in-kind advertising program on the

href="http://googlegrants.blogspot.com/2008/04/google-grants-turns-5.html"
id="b8dc" >Google Grants Blog, and find out how your favorite
not-for-profit group can apply by visiting the href="http://www.google.com/grants/"
id="muxe" >Google Grants page

Tags: , Cynthia, google, Grants, Posted, Schroeder, teamThis, week

Posted by Kathy Walrath, Google Desktop
team

This is the time of year when People Who Love to Decorate — you
know who you are — can go all out. And while you're festooning
your home and office, don't forget your computer desktop!

The Inside Google Desktop Blog has a guide to the

href="http://googledesktop.blogspot.com/2007/12/desktop-gadgets-for-holiday-season.html"
id="g-_m" >latest holiday gadgets, with a picture of each one
and tips on how you might use it. You can decorate a Christmas
tree, listen to music, exchange ornaments with a friend, count down
to the New Year, and more. They look right at home on your desktop,
or you can put them in the Google Desktop sidebar or your iGoogle
home page.
onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}"
href="http://bp3.blogger.com/_Ap14FtNN91w/R2qyY4LM1eI/AAAAAAAAAhM/mY3ny63SXyg/s1600-h/Desktop_tree.gif" >
alt="" id="BLOGGER_PHOTO_ID_5146121664690181602"
border="0" />

Take the Christmas Tree gadget, for instance. When you start it up,
it's a simple tree with gently falling snow. With a few clicks
you can add ornaments wherever you like. If you find the animated
precipitation distracting, you can hide the snowflakes.

We hope you enjoy these gadgets. And happy holidays from the Google
Desktop Team

Tags: , desktop, google, Kathy, Posted, teamThis, time, Walrath