A friend writes:
I received an email from a colleague this afternoon. She uses Google Drive to send big files. The email said, “Barbara is trying to send you a file too big for email. Please sign into Google Drive.”
Not thinking that I was already signed in, I clicked and signed in, and even gave my phone number. It only took a min for me to realize what happened when I was taken to an art gallery. So I’m changing everything, all credit and bank and passwords, etc.
But I’m guessing they could have sucked every bit of data out of all my Google info in a couple of minutes. Oy vey…
It’s such a horrific — and tragically common — story these days. My friend has made the right move: Changing all his passwords, especially to all the major accounts such as Facebook, Apple, and Google, should secure him for the time being. Also, I think making sure you’re subscribed to a credit-monitoring bureau, and alerting them to such a happenstance, would be beneficial.
So just to make sure you know: Using a password manager such as 1Password [affiliat link], Dashlane, or LastPass helps immensely in these situations. You can use 1P to change all your passwords much faster than doing it manually, ensuring their all different and superlong. I even use 1Password to help me store the fake answers I create for the security questions.