According to a recent security report by Cofense, there is a new wave of phishing attacks, which rely on trusted file sharing services. The phishing campaign sends an email from a trusted service, requesting users to access a purchase order form with a (.pdf) extension. Once the user downloads the seeming ‘purchase order information’ they are redirected to a Microsoft login page. Entering one’s microsoft login credentials can provide the attackers with access to important personal information.
Phishing emails aren’t likely to vanish soon. While companies and security experts focus on identifying and patching software vulnerabilities, one of the weakest security points are actually end users. Phishing takes advantage of that. By mimicking messages from trustworthy sources, the cyber criminals obtain important personal information.
That’s why users need to know what kind of communication to expect from the service you’re using. In this article, we wanted to share a few helpful tips and tools you can use to safeguard your pCloud account.
Your file security as a pCloud user
The security of your files is one of our priorities at pCloud. That’s why we continuously ensure your data always stays protected and you have control over it:
- When you sign up for pCloud, you can choose the geographic location, where your files and personal data will be stored. Two data regions are available at the moment – the European Union and the United States.
- As a company based in Switzerland, we comply with Swiss privacy laws – one of the strictest in the world.
- We do not, have not and do not have any future plans to sell your personal information to third parties.
- You can enable an extra layer of protection for your confidential files with pCloud Encryption. The tool uses client-side encryption to secure your files on your device, before they are uploaded to the pCloud services.
- Our data centers have been chosen after an intense risk assessment to prove the highest quality and reliability.
- The files you store in pCloud are secured with 256-bit AES encryption during and after transfer. To further guarantee your files’ safety, pCloud uses TLS/SSL protocol, applied when information is transferred from your device to the pCloud servers. 5+ copies of your files are stored on at least three server locations in a highly secure data storage area.
What kind of notifications you can expect from pCloud
It’s easy to review what kind of notifications to expect from us, by checking your notification settings. All important system alerts we send are related to an action you perform in your pCloud account. For example, if you purchase a pCloud plan, you’ll receive an email about the successful payment. This email will contain information on how to get your invoice, but essentially, it will NOT have it attached for security reasons. Another example – if you haven’t logged in your pCloud account in two months, you’ll receive an email notification about your inactivity.
If by chance you receive a system alert about an action you haven’t performed in your pCloud account, we recommend doing the following:
- change the password of your pCloud account
- turn on two-factor authentication
- check the security of your email account
- if you still have any doubts, get in touch with our team at support@pcloud.com
pCloud Privacy & Security tools to know about
One of the best ways to ensure the security of your files is to learn more about the tools you can use in pCloud:
Secure sharing with File requests and Password-protected links
With remote work becoming a benchmark for modern business, collaboration and sharing should be done responsibly.
If you need to collect files from other people, you can do so without giving access to your account. A file request is a unique, secure link for a folder in your account. Anyone with access to this link can upload files there, without knowing what’s inside the folder or your account. What’s more, everything people will be organized neatly.
In order to create a file request:
- Mark a folder
- Open the More options menu and click Request files
Once the link is generated, you can share it with other people. If you want this link to be active only for a limited time, you can add an expiration date:
- Open the settings of the file request
- Set an expiration date and save
After the expiration of the file request, anyone with access won’t be able to use it.
Linked devices and apps – remote wipe
The Devices tab in your Security settings allows you to monitor all the devices you have connected to pCloud. That way, it’s easy to protect your data in case your device gets stolen or lost. If you remove a device from the list, you will fully disconnect it from pCloud. That way, you will remotely wipe all synced files or files with offline access, and stop anyone from accessing important information.
You can access the Devices tab from my.pCloud > Settings > Security. Review your linked devices and remove any, which you find potentially suspicious.
Two-factor authentication
While having a strong password will make it harder for someone to gain access to your account, it’s only one layer of protection. Two-factor authentication improves the security of your account by bringing in a second security layer. When you turn on two-factor authentication, you will be asked to enter your account login credentials plus a security code. That way, you will be entering something ‘you know’ – like your password, and something ‘you have’ – a unique security code that’s generated every time you want to log in.
You can turn on two-factor authentication from your pCloud Security settings. Currently, you can receive the codes via text message or use a third-party authenticator app.
Turn ON Two-factor Authentication
More awesome updates are on their way! We’re excited to bring you new solutions and features to support your everyday life and work.