Q:

What's this scary Gmail scam about?

A:

 Fraudsters have cracked Google's defenses, sending fake emails that look so real they can trick anyone, whether you use Gmail or not! These scams could even seem to come from your business partners or clients. Let's break it down with simple Q&A to keep you and your workplace safe, plus show how Maxsol can help you fight back!

Q:

Why should I worry?

A:

 These emails are dangerous because:

• They look 100% legit, landing in your inbox, not spam.
• They can steal your account (personal or work) if you click their links.
• They can hurt your company by misusing your business email, making clients lose trust.

Q:

How are scammers bypassing Google's protections?

A:

  Google uses a security stamp (called DKIM) to prove an email is real. Scammers found a way to reuse this stamp by grabbing a legitimate Google email and resending it without breaking the stamp. It's like stealing a VIP pass to sneak past security guards. Google's filters think the email is safe, so it goes straight to your inbox!

Q:

How can I stay safe?

A:

For Everyday Folks (No Tech Skills Needed)

Don't worry, you don't need to be a tech wizard! Here's how to outsmart these scammers:

• Peek at Links: Hover over any link in an email (don't click!) to see where it goes. If it's not accounts.google.com or a trusted company site, steer clear.
• Lock Your Account: Add two-factor authentication (2FA) to your email (Gmail or others). It's like a double lock, use an app like Google Authenticator, not text messages.
• Ignore Urgent Emails: If an email screams "Act now!" or "Fix your account!", don't bite, even if it looks like it's from Google or a client.
• Sound the Alarm: Spot a fishy email? Hit the "Report Phishing" button in your email app or tell your work's IT crew.
• Get a Second Opinion: Not sure about an email? Ask a tech-savvy friend or your IT team before clicking anything.

For IT Heroes (Tech Teams)

If you manage your company's Google Workspace or Gmail setup, here's how to tighten the screws:

Don't worry, you don't need to be a tech wizard! Here's how to outsmart these scammers:

• Swap Security Keys: Change your DKIM keys every month in the Google Admin Console. It's like changing your locks to keep crooks out.
• Set a Timer: Make DKIM stamps expire in 24 hours (use the x= tag) so scammers can't reuse old emails.
• Shield Email Details: "Sign" key parts like the sender and subject line multiple times to stop tampering.
• Block Fakes: Set a strict DMARC rule (p=reject) in your DNS to reject fake emails pretending to be from your domain.
• Keep Watch: Use Google Postmaster Tools to spot weird email activity, like sudden spam complaints.

Q:

How can Maxsol save the day?

A:

  This scam is a game-changer, sneaking past Google's defenses to flood any inbox with fake emails that could come from Google, partners, or clients. Don't face this scam alone, Maxsol has your back! We offer:

• Security Checkup: Our experts will review your company's email setup to ensure it's scam-proof, spotting weak spots before hackers do.
• Fake Attack Training: We'll run safe "attack simulations" to show your team how these scams work and teach everyone how to spot them.

Email

benny.cahyono@maxsol.id

Phone

0811 - 1751 - 122

Office

APL Tower Central Park Jl. S. Parman Kav. 28 Lantai 19/Unit T7, Tanjung Duren Selatan, Grogol Petamburan, Jakarta Barat