Phishing is a cybercrime in which a target or targets are attached by telephones, Emails, and messages by posing as a legal institution to attract individuals into providing crucial personal data such as identifiable information, passwords, banking information, and credit cards. This information is then used to threaten people or to access important accounts that can result in financial loss or identity theft.
Google my business phishing is increasing with hackers
Joy Hawkins from Sterling Sky has reported some incidents recently in which hackers try to hack personal information using different hacking methods to gain control of business listing on Google My Business (GMB). After gaining full control of their business and hacking every information they get to do anything with the business profile according to the desire. Surprisingly, Google My Business does not provide enough security and support to genuine Business Profiles. When people complain about the phishing attempts on the Google My Business (GMB) forum.
One prominent method that Cybercriminals used is to go on a business listing where they see an option of “claim this business”. This the option where they click on and their actions generates an Email that directly goes to the registered owner of the Business profile. Since the verified and registered owner gets this email address he can reject the access to control on the Business profile for another person such as hackers. Thankfully some of the businesses remain safe but this does not mean that this method is successfully working. According to Joy Hawkins, a law film listing got hacked recently and then it was used to sell leads to other personal injury lawyers.
This hacking shows that the hackers are skilled enough and have the knowledge to delude even lawyers and they are not afraid of messing with law firms. Everyone needs to be careful about their business on Google My Business. A Google Spokesperson said that business profile owners should decline the request whenever they receive an email request to manage their business profile or to transfer the ownership of the business listing whether this request comes from the known person or an unknown person. The real honor should understand that the rights to manage or own a business profile on Google My Business are only allowed to real verified and registered merchants who accept the request made by a requester and some requesters also prove their relationship with the business.
Another hacking trick that these cybercriminals can use is the merger of duplicate. This trick is proved by the Rasmus Himmelstrupfrom Resolution Media in Denmark accidentally. There was a large Danish supermarket chain called Bilka and on the other hand, Rasmus’s client was a European optometry chain called Specsavers that was famous by the name of Louis Nielsen in Denmark. Both Specsavers and Bilka were flagged as duplicates by google after that they were merged. Now, this flagging could have been done by Google itself or a third-party. As both listings got merged, so much information also got merged on Google My Business.
Rasmus reported this issue to Google My Business support but their response was too cruel and they started asking Rasmus to prove that the Specsavers location is actually exciting. Then he was asked to remove the duplicate Specsavers and re-verify, which he did.
But the pain Point is that Rasmus was a rival competitor of Bilka. If he wants he can do any mess up with the information of Bilka and can ruin their reputation through Google My Phishing. Anyhow, Rusmas did not do anything like that but hackers can do this with them.
Anything fake can harm the reputation of business profiles like fake listings and bogus reviews and especially the small business profiles are at higher risks. Business profile owners can lose their clients if they are not careful enough about their business. The important point is that Google must train its team to do better performance in the future.
How to Prevent Phishing Attacks?
As hackers are coming with new advanced technologies, there are also some advanced tricks that you can do to protect your business and organization.
- Spam filters can be used to protect business and business reputation against spam Emails. The filters estimate the origin of the message, the appearance of the message, and the software to use to send the message to determine if it’s spam. Spam filters sometimes block Email from legal sources, so it is not 100% accurate sometimes in working.
- The setting of the browser should be changed to prevent fake websites from opening. The browser has a list of fake websites whenever you try to access these websites it alerts you a message or blocks the address.
- Many websites exist that require a user to enter login information. This type of website is pretty secure. And to protect your website change passwords daily.
- Financial organizations and banks use monitoring systems to prevent phishing.
- Phishing prevention requires changing habits in browsing.
Generally, Emails sent by the hackers are so authentic that they look like they are sent by a business. They also add some phone numbers and other information like real business Emails to give their fake Emails a professional real look.